IRMSA Risk Report: Let the accountability begin

 
By Riaan Bekker, Force Solutions Manager at thryve

The latest South Africa Risks Report from the Institute of Risk Management South Africa (IRMSA), its 6th edition, once again is interesting and captivating. At first glance, it might appear as if the report rehashed the same general risks as its predecessor a year ago. But significant risks don’t evaporate overnight, and we should continue to ask how to address them. In that context, the new report offers considerable insight.

There are many new themes in the report, but I’ll focus on a specific thread that speaks to what we provide at thryve. As with previous years, IRMSA identified technology as both a key solution and a major threat. The threats manifest through cybersecurity and digital disruption, yet both can be remedied with the support of technology.

Technology provides options both for near-term threats as well as big picture and far horizon projections. To illustrate this, let’s explore some of the report’s suggested remedies and how this aligns practically with technology.

Consistently mobilise and publish evidence-based data that illustrate the many cases of want and wastage that recur because of unethical leadership in all sectors of our society.

This is the first treatment to the first top risk in the report, namely a lack of ethical leadership. The principle underlying this treatment, and several others that follow, is to galvanise accountability. Technology can’t make people accountable, but it can track their performance. A well-integrated technology service can smooth processes, so people use them, and it can analyse performance data over multiple sources to create outcome metrics. If an organisation uses an integrated reporting platform, particularly to calculate risk, it can enforce accountability effectively.

Significantly strengthen technical competencies in all areas of public, private, labour, and civil organisations.

South Africa risks becoming a prime example of governance failures. The above treatment is the first for those ongoing governance shortfalls, but how do we strengthen such technical competencies? Training and mentorships are essential, as is the role of the board and company leadership to take governance seriously. The previous strategy for evidence-based data will help. Beyond that, an integrated technology platform will equip skilled individuals with real-time data and the capacity to explore information in more depth. These will create more profound knowledge, which is vital for significantly strengthening technical competencies.

Hold people accountable for performance.

A treatment to root out deeply entrenched corruption, this relates strongly to the first point around accountability. I won’t labour the point, other than to say that using evidence-based leadership to tackle unethical leadership will also have an impact on anti-corruption efforts.

Set up proper governance controls and monitoring systems to ensure appropriate service levels and manage the potentially higher corruption risk.

This specific treatment proposes to rectify problems with the National Health Insurance (NHI) scheme. Yet, it could fit with most of the risk scenarios presented in the report. Again resonating with the ongoing theme of accountability, this remedy is all about knowing what you don’t know. A multilateral and ubiquitous platform with refined processes can establish proactive governance control and monitoring across any organisation.

Leverage technology to ensure control of information, service levels, and costs across the value chain.

The value chain has become an important part of governance. It receives a lot of emphasis on best-practice guidelines such as KING IV, not to mention legislation such as BBBEE. You can’t turn a blind eye to your supply chain’s behaviour anymore, nor do you want to. There are many efficiencies if your supply chain is optimised – and many risks if it isn’t. Companies typically avoided this requirement because it was too complicated. But a modern integrated platform can reach securely into a value chain, giving the tools for your suppliers and partners to participate as you need them to.

Incorporate “smart-tech” into risk decision making and internal audit processes.

I mentioned earlier that technology presents both opportunities and threats. This treatment is in response to one such risk, the rise of disruptive technologies. If you can’t beat them, join them – that is the gist of this treatment. Yet it’s not as complicated as it sounds. “Smart-tech” refers to automation and other places where machines can help speed up decision-making. All that power resides in a technology platform. If you applied any of the other treatments mentioned above or below, you also open the door to introduce smart tech. Many of those features are already baked into the platform.

Cybersecurity awareness training is critical as most vulnerabilities are caused from within an Organisation.

Cybercrime returns this year as a leading threat. Adopting a technology platform won’t fix your security problems. But it can help significantly to secure your data, as well as track and audit your environment if something went wrong. A good platform enables your people to engage the new activities we associate with work today, such as remote access or working away from the office, while lowering the risks of cybercrime. It also creates opportunities to train staff in new security habits as they learn how the new platform works. If you want to address security, consider upgrading to a risk management platform that can incorporate security as part of its change-management training.

I admit I picked treatments that make sense for what we offer at thryve. But many of the interventions align naturally with integrated risk- and business-management platforms. They wouldn’t be feasible without such platforms.

thryve provides and calibrates such platforms for risk and governance, as well as other business areas such as customer relationships and financial requirements. This class of software creates overlaps between silos and aggregates data from disparate sources such as spreadsheets and online data lakes. They create that elusive ‘single version of the truth’ that in its absence has been adding to the many risks facing South Africa today.

If you want to tackle the most considerable risks facing your business and the country today, it is imperative to use digital technology to its full effect. Business platforms such as Salesforce and Riskonnect render that effect, provided they are honed and adjusted to work with your environment. That’s where thryve comes in: we are experts at customising, deploying and maintaining a business platform for your operations, without you incurring technical-debt or long-term lock-in.

South Africa’s threats are serious, but the treatments are ready to take action. Get the jump start on those threats with an integrated business platform.