Do you have confidence in your risk management?
Maybe I should phrase the question differently:
Do you have confidence in your ability to manage risk?
The difference is huge and important:
- The first question may be interpreted as an assessment of the risk management function. The value of such an assessment is limited.
- The second question should be interpreted as an assessment of how the organization as a whole, not just any risk management function, addresses risk. The value of this assessment is huge.
When I talk about risk, of course I am talking about not just the potential adverse effects of any event or situation on enterprise objectives, but the potential positive opportunities that may be seized.
Often, the effects of a potential event or situation may be a combination of the positive and the adverse. Think about how often it is necessary to consider “trade-offs”. For example, it may be necessary to reduce working capital levels in order to invest in a new venture that will make a contribution to revenue and the bottom line. In this case, management may be increasing the risk that they won’t have sufficient funds for future investments while reducing the risk that they won’t achieve earnings and market share goals.
So, how confident are you that management can and will maintain risk at desired levels?
Is your confidence level 50%, 70%, 90% or something else?
Is that acceptable?
When you assess as acceptable the likelihood of a major failure in your ability to manage risk (given the cost of improving risk management further) you have the risk management you need.
That is the theme of my book, World-Class Risk Management.
Do you agree?
Is your risk of risk management failure acceptable?
Join us for a discussion of effective risk management in April, first in London and then in Chicago. Details are here.