Home > Risk > Questions to ask about GRC – #2: Harmony

Questions to ask about GRC – #2: Harmony

Continuing the discussion from:

Questions to ask about GRC – Part 1

Questions to ask about GRC – Part 2, question 1: Strategies

Here is the second of the 12 questions that can be asked about GRC.


2. Does the organization work in harmony, sharing information and working towards shared goals?

Do the culture, systems, processes, and structure of the organization provide both the will and the capacity to move the organization in the same direction?

  • Do the board and executives work as a team or are individual members competing for position and power? This question can be extended into groups and project teams as well.
  • Is there sufficient sharing of individual and group objectives so each executive (and manager) can help the other?
  • Do the different areas of the business communicate with each other, or are they in isolated offices and virtual silos and keep information to themselves as a source of power?
  • Are the executives rewarded for team or individual performance? What will drive actions if there’s a conflict?
  • Does the employee performance recognition and appraisal process encourage or discourage teamwork? For example, do employees compete for a top rating, potentially sabotaging each other? (See this article for a commentary on how a “stack ranking” process is judged by some as having been a disaster for Microsoft.)
  • Is there a single ‘source of truth’ or do different organizations maintain different numbers (e.g., for revenue pipeline)?
  • Is risk information shared, so each area can see how risks inter-relate and how they impact each other?
  • When it comes to the allocation of resources (budget, people), is it based on ‘community’ priorities? Are departments willing to share their resources when needed by another?

I welcome your comments and views on this issue.

  1. Ehtisham Syed
    July 18, 2012 at 11:43 AM

    Hi Norman, external constituents (investors, partners, suppliers, society etc.) are another important set of stakeholders that need to be aligned with the corporate strategy to achieve the vision. Your thoughts?

  2. Norman Marks
    July 18, 2012 at 12:57 PM

    Ehtisham, that’s an interesting observation. Certainly all elements in the extended enterprise need to work in partnership.

  3. July 26, 2012 at 9:21 AM

    I agree with Norman’s focus areas re: successful risk management. I propose another.
    “Information” sounds neutral. Supportable. Examples: what were the sales, what projects are R&D working on, what were the product returns last quarter, results of customer satisfaction suveys, etc. It is the decisions based on this information that lead to company performance and risk management. How organizations regard critical thinking skills is another predictor of satisfactory risk management. How many times have we been in meetings where the meeting leader presents a decision, the rationale – and there are other opinions, interpretation of information that remain unsaid because it is “incorrect” or impolitic to voice them. “That service isn’t in line with our brand image.” “That approach will cause problems with our distribution channel, or cannibalize sales from another product launch.” Read Dilbert any given day for an example we’ve all lived through. Any number of organizational failures could have been avoided if critical thinking skills were valued and considered.
    Critical thinking is simply another wrinkle on innovation. It’s the critic who asks “why aren’t our parts standardized?” or “why do we have such an inefficient system?”
    This can, of course, go too far and degenerate into protracted (and futile) efforts to please everyone. But I think that how an organization values and manages critical thinking is another predictor of good risk management, and likelihood of success.
    Norman’s use of the word “harmony” is prescient. Notice he didn’t say “unison.” It’s the different notes (the right notes!) that make for harmony, and a tune we want to listen to.

  1. August 1, 2012 at 1:48 AM
  2. October 9, 2013 at 12:43 PM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: