In order for risk management to be successful in any business, it is vital to develop an enterprise risk management (ERM) strategy so that risks your business are faced with – on a daily basis – are dealt with efficiently. Mike Wilson, Enterprise Risk Management Consultant, agrees: “Fuelled by the financial crisis, the advantages of a robust enterprise risk management process – and the subsequent mitigation strategies – have come into their own over the past few years.” Fortunately, this is perfectly achievable if one goes through a number of steps.
How to develop an ERM strategy
Developing an efficient and robust ERM strategy all starts with the people you choose to spearhead your company’s ERM efforts. Says Wilson: “The inculcation of a successful ERM culture into an organisation is dependent on the appointment of a strategic thinker with the political will to challenge the status quo, working within a framework to identify opportunities and mitigate threats.”
So how do you make sure that you hire people who are the best people to carry your risk management strategy forward? In the interview, suggests Will Staney who is the head of global recruiting at Glassdoor, structure the questions that you ask them very carefully. “Rather than asking applicants about their values, using behavior-focused questions solicits information about how they’ve handled situations in the past.”
Why does risk management fail?
There are a number of reasons why risk management practices fail in business. However, there are three main areas that have been identified:
- Businesses act in siloes. Every department sees risks as only affecting a particular area of the business. They do not realise that each department’s risk equally affects the other parts of the business.
- Individuals in business do not take a long-term view when it comes to risk. They are concentrating on what is happening in the business at the current moment rather than looking to what could happen in the future.
- Cloud technology – which makes the risk management process smoother – is not being embraced by business.
Riskonnect’s Governance, Risk and Compliance (GRC) module is custom designed to assist you with managing your risk in your business. Click here to find out more and contact the thryve Riskonnect team for further information at the Contact Us page.