Risk and Culture
My good friend, Jay Taylor, recently had a piece published in the Private Directors Association newsletter. Culture: The One Element Most Critical For The Board’s Management Of Risk makes some interesting points.
After pointing out the need to ensure an appropriate culture by referencing some management gurus, he shares 6 questions for board members to ask of management.
- Is the CEO active in creating the culture for the organization? Is he or she modeling the right behaviors?
- Is there appropriate tone at the top, both during and outside of board meetings?
- During strategy, product, and investment discussions, is there transparency around business assumptions, openness to respectful but challenging views, and identification of emerging risks to the business model beyond the immediate planning horizon?
- Is there a willingness to bring forward bad news? Is there an understanding that failure may occur, but the business cannot grow and prosper without taking smart risks?
- Has the board established clear expectations for timely identification and handling of risk, particularly those around business goals and objectives? Is there clear risk ownership?
- Not everything should be filtered through the CEO. Are other executives and risk owners present at board meetings and allowed to take questions directly?
I would add a few of my own. These are questions the board should address to the CEO:
- How would you describe the organization’s culture?
- What do you see as an effective culture? Is it about ethics, risk, teamwork, or more?
- Is it acceptable? How do you know? If not, what are you doing about it?
- Are you getting objective feedback that tells you whether the culture is really the way you think it is?
- How do you make sure it remains the way you need?
Jay also shares eight red flags that may indicate that when it comes to risk, the culture is not what you desire.
These are all good, and I am sure you could add a few more.
But let me ask you, as I have in other posts, isn’t there more to culture than how risk, ethics, and compliance are addressed? Isn’t culture the driver of optimal performance as well?
I welcome your views.
PS – my thanks for Jay for recommending my World Class Risk Management book.