Managing risk at the speed of business
Dennis Cox posted a question on LinkedIn: “What do you think is the greatest issue facing risk managers this year? There are so many to choose from – which do you consider to be the greatest risk of all?”
I think this is a vital question and am sharing my reply for your consideration and comment.
Dennis, this is a fascinating question. Forgive me for saying this, but I believe the biggest risk is that risk professionals become complacent – or their organizations become complacent – and believe they have completed their ERM journey. I am a fan of Felix Kloman, who has been a risk professional as long or longer than anybody. He continues to describe himself as a student of risk management, because he (and those in how network) continue to learn how to improve our processes and practices.
In particular, I am concerned with the large number of organizations who appear satisfied with periodic risk assessments – annual, semi-annual, or quarterly. Risks emerge or grow in proportion with increasing speed. In addition, the time management has to react to potential adverse events or opportunities is getting smaller.
I believe risk has to be part of how every decision is made in running the business, and risk information has to be provided in a digestible form: information that is timely, current, reliable, complete, and relevant.
I call this “managing risk at the speed of business”.
Managing the business in real time but understanding current risk only at periodic intervals is like driving down the road and only looking at the traffic every 5 minutes.