The real risks: the ones not in the typical list of top risks
This is the time of year when people are rushing to share the top risks to organizations across the world.
Those lists include such items as cyber, political change, economic instability, and so on.
Here’s a different type of list.
It’s comprised of risks that are perhaps the most critical but, for whatever reason, rarely figure on any risk register (those awful devices) or other ERM report.
They are not in any particular order.
- Bad decisions, for any number of reasons such as involving the wrong people; relying on gut experience instead of information; failing to act; and so on
- Poor information flowing to decision-makers and the board (it may be out-of-date, slow, incomplete, indigestible, wrong, or simply off the mark)
- Hiring the wrong people
- Not having sufficient people
- Lack of teamwork
- Lack of shared goals
- Legacy systems that make the organization lack agility
- Bureaucracy that slows decisions and stifles ingenuity and innovation
- A bully of a CEO
- Executives who don’t listen
- Poor morale
- High turnover of staff
- Failing to fire poor customers
- Ignorance of new technology that could disrupt the business
- Being excessively risk averse
- An ineffective internal audit function
- An ineffective risk management function
- A legal function that does not provide quality advice when it is needed
- A CFO who does not get involved in the business and its operations
- And so many more
I welcome your thoughts – and additions of risks that are too often overlooked, usually for political reasons.
HAPPY NEW YEAR!