Saturday, 16 February 2013

Role Of The Board In Conscious Risk Management


Thursday 21 December, 2006
by Steven and Chutisa Bowman
Most Boards (and staff) of organisations misidentify and misapply risk as something that needs to be protected against, something to be feared. This mindset towards risk effectively neutralises and denies the possibility that risk can be a great strategic advantage, enabling the unlocking of creative and innovative opportunities.
Risk is not inherently right or wrong, good or bad. It is more about the things that happen outside our expectations that might have an impact on our ability to achieve the strategic initiatives of the organisation. Understanding risk will unlock invisible opportunities. Risk is strategic advantage, not a compliance issue. 
One of the great gifts that Boards can give their organisation and constituents is that of embedding the analysis of risk in all decision making and discussions around strategy. The analysis of risk is simply the question "What are the risks inherent in this activity, and how can we turn these risks into strategic advantage?". What would it be like if all staff viewed risk as strategic opportunity, and actively looked for risk in all activities?
To be able to ask this question with conscious awareness, however, Board members and staff need to recognise some fundamentals of risk management as it relates to their responsibilities.

Fundamental 1: There are three distinct types of risk 

  1. Hazard risk.

    Which can be the threat of negative things happening. This is the most commonly understood aspect of risk, and often the only type discussed around the Board table. This is the risk of someone getting injured, physical risks such as things falling down, denial of access, earthquakes etc, and is most often the type of risk that is insured against.
  2. Opportunity risk.

     Which can be the possibility of positive things not happening. Opportunity risk is where the decision is too long in the making, and the opportunity is lost or forestalled (often characterised by "lets give it to a committee to look at"!!!) or the opportunity is not recognised in the first instance because it does not fit the fixed point of view of that organisation ("that's not the way we do it"). Opportunity risk is characterised by conservative and slow decision making.
  3. Uncertainty risk.

     Which can be the potential that actual results do not equal anticipated results. Uncertainty risk can include the lack of take up of a new product, or changes to a regulatory environment that impacts on your business, or the reliance on one source of income that fails to deliver (eg reliance on a funding contract, or the annual conference).
Any discussion and identification of risk needs to take into account all these aspects.

Fundamental 2: The Board's role is to agree on and monitor the three or four critical risks facing the organisation 

One of the five key functions of any Board is to agree on the three or four critical risks facing the organisation, ensure that management is monitoring those risks, and that there are robust treatment strategies in place to manage those risks.
The Board does not need to monitor all risks, only those that are critical to the organisation. The staff need to identify and manage all risks.
Regular Board reports that analyse these critical risks, their monitoring and treatment provide the Board with strategic information regarding the key drivers of the business. The Boards role in monitoring these risks is not to ensure they don't occur, but to turn these risks into strategic advantage.
"The lack of embedded risk management practices within the governance structure of an organisation is regarded as one of the highest risks facing an organisation"

Fundamental 3: The Board is responsible for approving and monitoring the risk management policy 

This responsibility is among one of the Board's most important, as it commits the Board and the organisation to best practice risk management.

Fundamental 4: Establsh key performance indicators (KPIs) for the Chief Executive Officer

One of the most effective ways to ensure that staff, especially the CEO, treat risk as the strategic advantage it can be, is to establish one or two KPIs for the CEO that reflect the risk monitoring and management responsibility of that position. This tends to focus attention.

Fundamental 5: Embed risk into the strategic discussions and analysis of the Board 

Risk awareness can best be embedded in the organisation if some simple guidelines are followed:
  1. When conducting strategic planning, conduct a SWOR (not a SWOT) analysis ie Strengths, Weaknesses, Opportunities and Risks. These risks can then be added to your risk library, and provide further opportunities for identifying strategic advantage.
  2. Only accept project plans or action plans if a risk element has been added to the project plan. For example, an action plan might have the headings of:

    • Scope
    • Start date
    • Finish date
    • Project Manager
    • Resources
    • Success Measures
    • Ethical implications
    • Risk (Once the risk has been identified, the management of that risk is quite easy)
  3. When deliberating on decisions at the Board meeting, ask the risk question: "What are the risks inherent in this proposal, and how can we turn these risks into strategic advantage?"

Summary

How risk is defined and acted upon is all a matter of choice of the Board and the CEO. These leaders can choose to view risk as bad, complex and to be avoided, or as a strategic advantage that is easy to manage once identified, and that can enable the organisation to undertake activities that others might not even consider.


Source:ceo-online.com
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)