Soumettre la recherche
Mettre en ligne
Improving the application of risk management
•
0 j'aime
•
266 vues
K
Karl Davey
Suivre
Paper on risk management culture change and improving the aplication of Risk Managemenrm
Lire moins
Lire la suite
Signaler
Partager
Signaler
Partager
1 sur 6
Recommandé
Revista PM Network
Revista PM Network
DC-DinsmoreCompass
Leadership in a crisis responding to the coronavirus outbreak
Leadership in a crisis responding to the coronavirus outbreak
Graham Watson
Proactive Risk Management
Proactive Risk Management
kevinlu
Solutions to Managing a Crisis
Solutions to Managing a Crisis
aakash malhotra
Common failures of risk management
Common failures of risk management
Surajit Datta
disaster-recovery-online
disaster-recovery-online
Shaktinandan Satyakam
On Risks and Agile Approaches
On Risks and Agile Approaches
Emiliano Soldi
Contribution to PMI article
Contribution to PMI article
HSBC Private Bank
Recommandé
Revista PM Network
Revista PM Network
DC-DinsmoreCompass
Leadership in a crisis responding to the coronavirus outbreak
Leadership in a crisis responding to the coronavirus outbreak
Graham Watson
Proactive Risk Management
Proactive Risk Management
kevinlu
Solutions to Managing a Crisis
Solutions to Managing a Crisis
aakash malhotra
Common failures of risk management
Common failures of risk management
Surajit Datta
disaster-recovery-online
disaster-recovery-online
Shaktinandan Satyakam
On Risks and Agile Approaches
On Risks and Agile Approaches
Emiliano Soldi
Contribution to PMI article
Contribution to PMI article
HSBC Private Bank
PMN1115 Org Agility
PMN1115 Org Agility
HSBC Private Bank
SagaciousThink Overview
SagaciousThink Overview
LouAnn Conner
Ab Initio January 2012
Ab Initio January 2012
Upohan
Impact of Changing World Politics in Managing Risk
Impact of Changing World Politics in Managing Risk
PECB
People Risk Collateral
People Risk Collateral
Rahul Bhan (CA, CIA, MBA)
People Risk Collateral
People Risk Collateral
Rahul Bhan (CA, CIA, MBA)
Best Practice Crisis And Issues Management A Recommended Approach By SMC
Best Practice Crisis And Issues Management A Recommended Approach By SMC
Janet Saunders
Leadership, Intangibles & Talent Q1 2009 Four Groups
Leadership, Intangibles & Talent Q1 2009 Four Groups
Four Groups
Issues management and crisis management
Issues management and crisis management
namakuguten
Securities America Financial Corp.-Monthly Newsletter-3/11
Securities America Financial Corp.-Monthly Newsletter-3/11
Securities America Inc.
THE NEW RELIGION OF RISK MANAGEMENT
THE NEW RELIGION OF RISK MANAGEMENT
Wisnumurti Rahardjo
Crisis management presentation
Crisis management presentation
iChange
Ethan Berman at Risk Metric (A)
Ethan Berman at Risk Metric (A)
Wisnumurti Rahardjo
Stephen Warrilow Slideshow(1)
Stephen Warrilow Slideshow(1)
lynton
Risk Management Infographic
Risk Management Infographic
SAP Analytics
Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...
icgfmconference
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
njhceo01
Guidebook: Optimizing Your Leadership Pipeline
Guidebook: Optimizing Your Leadership Pipeline
DDI | Development Dimensions International
MBWA
MBWA
Computer Aid, Inc
2013 SOPAC presentation understanding hidden risks
2013 SOPAC presentation understanding hidden risks
Karl Davey
2005 Project Management Institute presentation on Risk Management
2005 Project Management Institute presentation on Risk Management
Karl Davey
Risk Leadership
Risk Leadership
Dr David Hancock
Contenu connexe
Tendances
PMN1115 Org Agility
PMN1115 Org Agility
HSBC Private Bank
SagaciousThink Overview
SagaciousThink Overview
LouAnn Conner
Ab Initio January 2012
Ab Initio January 2012
Upohan
Impact of Changing World Politics in Managing Risk
Impact of Changing World Politics in Managing Risk
PECB
People Risk Collateral
People Risk Collateral
Rahul Bhan (CA, CIA, MBA)
People Risk Collateral
People Risk Collateral
Rahul Bhan (CA, CIA, MBA)
Best Practice Crisis And Issues Management A Recommended Approach By SMC
Best Practice Crisis And Issues Management A Recommended Approach By SMC
Janet Saunders
Leadership, Intangibles & Talent Q1 2009 Four Groups
Leadership, Intangibles & Talent Q1 2009 Four Groups
Four Groups
Issues management and crisis management
Issues management and crisis management
namakuguten
Securities America Financial Corp.-Monthly Newsletter-3/11
Securities America Financial Corp.-Monthly Newsletter-3/11
Securities America Inc.
THE NEW RELIGION OF RISK MANAGEMENT
THE NEW RELIGION OF RISK MANAGEMENT
Wisnumurti Rahardjo
Crisis management presentation
Crisis management presentation
iChange
Ethan Berman at Risk Metric (A)
Ethan Berman at Risk Metric (A)
Wisnumurti Rahardjo
Stephen Warrilow Slideshow(1)
Stephen Warrilow Slideshow(1)
lynton
Risk Management Infographic
Risk Management Infographic
SAP Analytics
Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...
icgfmconference
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
njhceo01
Guidebook: Optimizing Your Leadership Pipeline
Guidebook: Optimizing Your Leadership Pipeline
DDI | Development Dimensions International
MBWA
MBWA
Computer Aid, Inc
Tendances
(19)
PMN1115 Org Agility
PMN1115 Org Agility
SagaciousThink Overview
SagaciousThink Overview
Ab Initio January 2012
Ab Initio January 2012
Impact of Changing World Politics in Managing Risk
Impact of Changing World Politics in Managing Risk
People Risk Collateral
People Risk Collateral
People Risk Collateral
People Risk Collateral
Best Practice Crisis And Issues Management A Recommended Approach By SMC
Best Practice Crisis And Issues Management A Recommended Approach By SMC
Leadership, Intangibles & Talent Q1 2009 Four Groups
Leadership, Intangibles & Talent Q1 2009 Four Groups
Issues management and crisis management
Issues management and crisis management
Securities America Financial Corp.-Monthly Newsletter-3/11
Securities America Financial Corp.-Monthly Newsletter-3/11
THE NEW RELIGION OF RISK MANAGEMENT
THE NEW RELIGION OF RISK MANAGEMENT
Crisis management presentation
Crisis management presentation
Ethan Berman at Risk Metric (A)
Ethan Berman at Risk Metric (A)
Stephen Warrilow Slideshow(1)
Stephen Warrilow Slideshow(1)
Risk Management Infographic
Risk Management Infographic
Siegfried addressing current governance and risk management challenges in gov...
Siegfried addressing current governance and risk management challenges in gov...
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
VaLUENTiS Nicholas J Higgins 12 Key Differentiators of Leader-Managers 02-2014
Guidebook: Optimizing Your Leadership Pipeline
Guidebook: Optimizing Your Leadership Pipeline
MBWA
MBWA
En vedette
2013 SOPAC presentation understanding hidden risks
2013 SOPAC presentation understanding hidden risks
Karl Davey
2005 Project Management Institute presentation on Risk Management
2005 Project Management Institute presentation on Risk Management
Karl Davey
Risk Leadership
Risk Leadership
Dr David Hancock
Risk Leadership Perspectives Breakfast Risk Manager of the Year Karl Davey
Risk Leadership Perspectives Breakfast Risk Manager of the Year Karl Davey
karld
Insulin
Insulin
Islam Home
VÅRD FÖR EN NY TID – Hur IT och nya arbetssätt kan ge ökat patientfokus i vården
VÅRD FÖR EN NY TID – Hur IT och nya arbetssätt kan ge ökat patientfokus i vården
Centerpartiet i Region Skåne
The use of risk management systems can asist with ERM implementations
The use of risk management systems can asist with ERM implementations
Karl Davey
It 2 r ppt for screencast feb 19
It 2 r ppt for screencast feb 19
joerussellitalian
Risk leadership perspectives Risk Manager of the Year
Risk leadership perspectives Risk Manager of the Year
Karl Davey
Perfect game
Perfect game
Donovan Kron
Advanced Composition
Advanced Composition
zaritmaaa
Quantitative Risk Analysis - Preventing Project cost escalation
Quantitative Risk Analysis - Preventing Project cost escalation
Karl Davey
inflammatory bowel disease and drug used for it
inflammatory bowel disease and drug used for it
Islam Home
antimuscarnic drug
antimuscarnic drug
Islam Home
inflammation
inflammation
Islam Home
ibuprofen
ibuprofen
Islam Home
Pharmaceutical water
Pharmaceutical water
Islam Home
thiazides
thiazides
Islam Home
Thule competitiveanalysis(jrs)
Thule competitiveanalysis(jrs)
James Silvester
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Stanford GSB Corporate Governance Research Initiative
En vedette
(20)
2013 SOPAC presentation understanding hidden risks
2013 SOPAC presentation understanding hidden risks
2005 Project Management Institute presentation on Risk Management
2005 Project Management Institute presentation on Risk Management
Risk Leadership
Risk Leadership
Risk Leadership Perspectives Breakfast Risk Manager of the Year Karl Davey
Risk Leadership Perspectives Breakfast Risk Manager of the Year Karl Davey
Insulin
Insulin
VÅRD FÖR EN NY TID – Hur IT och nya arbetssätt kan ge ökat patientfokus i vården
VÅRD FÖR EN NY TID – Hur IT och nya arbetssätt kan ge ökat patientfokus i vården
The use of risk management systems can asist with ERM implementations
The use of risk management systems can asist with ERM implementations
It 2 r ppt for screencast feb 19
It 2 r ppt for screencast feb 19
Risk leadership perspectives Risk Manager of the Year
Risk leadership perspectives Risk Manager of the Year
Perfect game
Perfect game
Advanced Composition
Advanced Composition
Quantitative Risk Analysis - Preventing Project cost escalation
Quantitative Risk Analysis - Preventing Project cost escalation
inflammatory bowel disease and drug used for it
inflammatory bowel disease and drug used for it
antimuscarnic drug
antimuscarnic drug
inflammation
inflammation
ibuprofen
ibuprofen
Pharmaceutical water
Pharmaceutical water
thiazides
thiazides
Thule competitiveanalysis(jrs)
Thule competitiveanalysis(jrs)
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Succession “Losers”: What Happens to Executives Passed Over for the CEO Job?
Similaire à Improving the application of risk management
Ateet Kapadia | Simple Tips for Project Risk Management Techniques
Ateet Kapadia | Simple Tips for Project Risk Management Techniques
AteetKapadia
Managing Risk in Uncertain times
Managing Risk in Uncertain times
Chris Fletcher
Enterprise risk management-Yashvanth G Nayak
Enterprise risk management-Yashvanth G Nayak
Yashavanth Nayak
Irm Risk Appetite
Irm Risk Appetite
Hassan Zaitoun
Conversations oneffectiveit management
Conversations oneffectiveit management
Computer Aid, Inc
Building an invisible framework for risk management
Building an invisible framework for risk management
hallowedblasphe76
Change and the Finance Function
Change and the Finance Function
Morgan McKinley
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation Age
Career Communications Group
Management of Risk M_o_R Dubai - Syzygal
Management of Risk M_o_R Dubai - Syzygal
Syzygal
Chaitanya Kosaraju Week 4 discussionCOLLAPSETop of FormHan.docx
Chaitanya Kosaraju Week 4 discussionCOLLAPSETop of FormHan.docx
keturahhazelhurst
Lc Risq One Pager
Lc Risq One Pager
Lita Cuen
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
Mike Wilkinson
Descriptor MetisGRC
Descriptor MetisGRC
Otbert de Jong
Module 15 - Risk Management.pptx
Module 15 - Risk Management.pptx
caniceconsulting
Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Светла Иванова
Risk-Management-ppt.pptx
Risk-Management-ppt.pptx
YashuShukla2
Integrated Risk Management Whitepaper - CAMMS
Integrated Risk Management Whitepaper - CAMMS
CAMMS
Common Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAE
Wheelhouse Advisors LLC
as response to this post 75 words if in text cite use reference
as response to this post 75 words if in text cite use reference
mallisonshavon
Let's Talk about Risk
Let's Talk about Risk
Markus Aeschimann
Similaire à Improving the application of risk management
(20)
Ateet Kapadia | Simple Tips for Project Risk Management Techniques
Ateet Kapadia | Simple Tips for Project Risk Management Techniques
Managing Risk in Uncertain times
Managing Risk in Uncertain times
Enterprise risk management-Yashvanth G Nayak
Enterprise risk management-Yashvanth G Nayak
Irm Risk Appetite
Irm Risk Appetite
Conversations oneffectiveit management
Conversations oneffectiveit management
Building an invisible framework for risk management
Building an invisible framework for risk management
Change and the Finance Function
Change and the Finance Function
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation Age
Management of Risk M_o_R Dubai - Syzygal
Management of Risk M_o_R Dubai - Syzygal
Chaitanya Kosaraju Week 4 discussionCOLLAPSETop of FormHan.docx
Chaitanya Kosaraju Week 4 discussionCOLLAPSETop of FormHan.docx
Lc Risq One Pager
Lc Risq One Pager
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
WTW-EU-16-PUB-1735 Risk Culture Perspectives_V02
Descriptor MetisGRC
Descriptor MetisGRC
Module 15 - Risk Management.pptx
Module 15 - Risk Management.pptx
Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Enhancing Existing Risk Management in National Statistical Institutes by Usin...
Risk-Management-ppt.pptx
Risk-Management-ppt.pptx
Integrated Risk Management Whitepaper - CAMMS
Integrated Risk Management Whitepaper - CAMMS
Common Objectives of the CRO and the CAE
Common Objectives of the CRO and the CAE
as response to this post 75 words if in text cite use reference
as response to this post 75 words if in text cite use reference
Let's Talk about Risk
Let's Talk about Risk
Improving the application of risk management
1.
Improving the Application
of Risk Management: Moving from a ‘Name and Blame’ to ‘Name and Gain’ Culture Karl Davey CEng MIEE Head of Risk Management Strategic Thought Limited The Old Town Hall, 4 Queens Road London, England SW19 8YA karl.davey@strategicthought.com Risk management is not just about processes and INTRODUCTION methodologies. It is also about people and their involvement in the objectives of having such systems. This paper explores why risk management It is a fact that all projects and business endeavours often fails to deliver against defined performance face uncertainty. The need to address these sources criteria and looks at methods of improving the buy- of uncertainty and increase the likelihood of success in and commitment to making risk management is not only common sense but also good business work as promoted. practice. To this end many organizations seek management techniques to address these issues and, as a result, see risk management as the answer to FOREWORD this problem. Recent history is full of high profile and news worthy project/business failures. In many of these Today, risk management is widely publicised as a cases the quality of risk management has been process which seeks to give organizations an edge in questioned and blamed as a contributing factor. Of today’s uncertain and competitive environment. It is more significance, where project and business risk also generally accepted that the benefits of risk were identified, the lack of effective mitigation management provide, for example: rendered the value of risk and opportunity identification meaningless • greater understanding of project or business objects or goals; But why does this happen? Many organizations involved in failures claim to undertake risk • more realistic business and project planning; management and have developed processes based • improved management of project and business on widely published best practice guides or costs; and, international standards. A common conclusion that can be drawn from the lessons learned, however, is • more effective communication within an that having a risk process and system in place is organization. only part of the solution. If commitment and understanding, as to why risk management is It is therefore fundamental that a collaborative risk important to all participants’ goals, is lacking and a culture be developed to allow an organization to team has not bought into the full risk process, effectively address the problems and opportunities including mitigation actions, the risk management they may face. Unfortunately the farthest many process will fail. organizations travel in creating a positive risk-aware culture is in developing detailed risk management processes, publishing them on their websites and TABLE OF CONTENTS mandating their organization or teams to “just do INTRODUCTION……………………………….…1 it”. PROMOTING BUY-IN TO THE RISK PROCESS…..3 TECHNIQUES TO GAIN INVOLVEMENT………...5 SUMMARY…………………………………........6 1 0-7803-9546-8/06/$20.00© 2006 IEEE 1 1 IEEEAC paper #1001, Version 6, Updated Oct, 28 2005
2.
However, all too
commonly, an often overlooked From understanding how individuals perceive and area of the risk process is the human element. For react to the risk process we can see where processes risk management to be truly effective, individuals go wrong. from all levels of the enterprise must be involved throughout the process and ideally from the outset of the endeavour. This means involving people and their opinions and perceptions. After all, isn’t risk ent management just another part of good people and mitm project management? Com No Many organizations spend valuable resources developing what, on paper, appears to be an ctive effective risk management process. But when In-effe ement exposed to their employees the process never Po operates as intended. Why is this? Surely the Manag Ident or ificat process couldn’t have been that wrong to start with? ion ks k Ris The problem is a combination of people, the risk process and its shortfalls. The solution is simple in concept. Those involved within the organization just Wea don’t see the value of the process and why it is necessary. Are people’s performance measured upon their involvement in the process? Most of the time Where the risk management process goes wrong the answer is no. And these busy people have enough to do without having to also think about how to solve difficult problems! One major cause for poor perception of risk management relates to risk management being considered a “black art”. Granted, risk management As a risk consultant, often called in to address these does sometimes appear subjective. So we need to issues and address why the process is not working understand how to verify or input data and interpret as intended, the feedback from interviews with staff the results more consistently and objectively. Also, can be very enlightening and forms a basis for the since we are dealing with uncertain events, which considerations management should consider when may or may not happen, we need to be able to implementing a risk aware culture. Similar measure the effectiveness of our process. And comments come up often, regardless of the industry another major issue relates to the view that risk or size of company. These comments generally management is a complex and specialist share a theme that relates to understanding why the management technique that needs to be performed process is not important to them: by expert risk managers. With all of these perceptions, the result can be a gradual withdrawal from a process that was designed to help, not hurt, • I’m too busy running the project. the business. • We manage risk anyway. Therefore, we must ensure that our processes • What’s in it for me? encourage understanding, buy-in and commitment to in • Risk always focuses on the negatives. order to achieve shared objectives from the offset. If we fail to do this, the risk process will spiral into • It’s a paper exercise. disrepute and become untenable. • It’s of no real value; it’s just maths and statistics. • It doesn’t solve real problems. 1 0-7803-9546-8/06/$20.00© 2006 IEEE 2 1 IEEEAC paper #1001, Version 6, Updated Oct, 28 2005
3.
PROMOTING BUY-IN TO
THE RISK PROCESS Asking individuals to contribute at early stages of an endeavour demonstrates that their involvement and opinions are valued and is a key part of a risk The key to successful risk management (and in fact manager’s role. any management process) is a shared desire to succeed because this brings both personal and team satisfaction. From this flows a willingness to learn, Evaluation – “Simple”, “sensible” and comply and contribute. So it is necessary to ensure “comprehendible” are keywords at this stage of the risk we develop (or enhance) a risk management process process. As mentioned earlier, some risk processes are that encourages contribution from all parties over complicated by organizations and can lead to a involved in the project or business endeavour. lack of understanding, of the meaning and substance of results, by those involved in the project. This loss of understanding can lead to increased costs, time and We must take a number of carefully considered steps effort trying explaining the risk process rather than and develop an internal risk environment that gains the actually managing the risks that have been identified. contribution of those in our business. If we look at any standard risk process from the simplest perspective, To develop a sensible understanding of the risk issues then we can identify and simply some improvement within the organization, simple-to-use techniques areas to make increased buy-in more achievable. should be applied. Risk weighting factors and scoring/assessment criteria need to be developed and Identification – This is the first key step of the risk agreed upon by the key stakeholders of an endeavour. process. Undoubtedly, we will have identified risks from our documentation, assumptions, business plan or V High -25 -24 -23 -22 -18 5 11 18 19 21 25 tender response. However, we should also talk to those 5 2 people who are, or will be, actively involved in the High -21 -20 -17 -16 -15 4 10 14 20 24 project or business organization/enterprise: those that Probability Med need to make things happen. -19 -14 -13 -12 -9 3 8 13 17 19 23 9 7 Low -11 -10 -8 -7 -6 2 7 12 16 22 Shareholders Shareholders V Low -5 -4 -3 -2 -1 1 6 9 15 17 18 25 Board Board Customers Customers V High High Med Low V Low | V Low Low Med High V High Risk Level Probability Impact Diagram (Opportunity and Threat) Management Risk Risk Suppliers Management Suppliers System System These then need to be consistently applied across an organization and customized only to reflect projects or business endeavours which differ in terms of duration, Staff Staff Regulators Regulators budget or scope. Auditors Auditors Risk Lifecycle – It is often all too easy to purely focus on the big risks: those that sit at the top of the risk list. Risk management stakeholders But are we missing something? Are there risks that We, therefore, need to include all key stakeholders demand immediate attention that may not be at the top from all levels of the organization. History and lessons of the risk register? By also understanding when the learned from previous projects provide an extensive risks we face will occur, we can make better use of our source of risk information. The experiences of resources. individuals in our organizations offer a living, Significant value can be delivered by listing both the breathing knowledgebase that can identify possible big risks that occur in the next 6 months and the risks from experience and possible strategies to address smaller risks which can be cost-effectively managed them. It only takes one individual to identify an within a specific time frame. opportunity to benefit from a risk mitigating action in another part of the business for the real value of integrated risk management to be made. Management – The key to successful risk management has always been MANAGEMENT! For 1 0-7803-9546-8/06/$20.00© 2006 IEEE 3 1 IEEEAC paper #1001, Version 6, Updated Oct, 28 2005
4.
risk management to
succeed we must do something Risk Management Lifecycle Timeframes about the risks we have identified and evaluated. This Trigger Expiry requires us to involve people in the process; and their Date Date contribution will be crucial to the success of our Resolution Date Impact Period endeavour. To gain full and effective buy-in at this Mitigation stage, it is important that we develop appropriate management actions. By appropriate I mean a real Time Control/ Fallback Planning action that is neither too detailed nor too general to be Management Period of value. A management or risk mitigation action has Plan Start Date Plan End Date to be a real task that is both measurable and realistic Planning the lifecycle of a risk to achieve. Often known as “SMART” risk management, a mitigation action must be specific to the issue we seek to address, measurable in terms of the perceived goal, achievable and realistic to achieve, TECHNIQUES TO GAIN INVOLVEMENT and have tangible results. Finally, the action must be As well as having a process that closely involves timed, a predefined window of opportunity in which people from the outset, there are a number of other soft the risk can be addressed. techniques which we should use to further encourage involvement and continuous contribution throughout There are also risks that we will choose to not to an endeavour’s lifecycle. manage and those that will occur no matter what we do. It is important that we plan for the worst: develop Involvement – Encouraging involvement within the contingency and recovery plans. These fallback plans risk process needs to penetrate all levels of an need to be treated like normal actions and regularly organization. Highlighting the benefits of participation reviewed to ensure that they remain valid and have not and involvement is core to this process. This visibility been superseded by other events. means that such things as naming successful individuals in board meetings, management team reviews and in dispatches emphasizes the importance WHAT ABOUT THE POSITIVE ASPECTS OF of the activity. Leading from the top is very important. RISK? The board needs to be involved in this process especially considering recent corporate governance and Another reason why individuals groan at the sight of internal control requirements, which state than the the risk team is that, unfortunately, risk management is board must be aware of the risks to their business. often perceived as only being negative: risk management generally concentrates on the need to find Another method of increasing involvement is to reward potential problems. In this case, risk management is positive input to the risk process. Many companies seen in a pessimistic light and the risk team then can already reward individuals who identify ways of always be seen as the bearers of bad news. increasing productivity or realize cost savings. There is no reason why this should not be expanded to risk But risks can also contain positives. A risk could either management because, through risk management, an be a threat to our endeavour or it could present us with organization may avoid massive potential cost an opportunity to increase business value. By increases, realise savings and identify opportunities to attempting to identify both the threats AND significantly improve how a business is managed. opportunities, risk management can be seen as helping to realise benefits – not just as a tool used to identify Champions – Although this article has said that risk problems. By actively seeking benefits the process can management should be pursued by all, it is essential to be seen to add even more value, the risk team as more have key sponsors and employees that have the positive contributors (not negative) and this will help necessary authority and budget to initiate and manage produce a much more positive risk culture at all levels change. Ideally, the sponsors should also include a of an organization. board member and a director whose responsibilities include risk management and has the authority to operate across operating divisions. If employees are aware that risk is taken seriously by senior management then they themselves will see it is in their best interest to participate in and contribute to the risk process. 1 0-7803-9546-8/06/$20.00© 2006 IEEE 4 1 IEEEAC paper #1001, Version 6, Updated Oct, 28 2005
5.
Visibility – The
visibility of risk management within an importance that the organization places on risk organization is extremely important to promoting a risk management from day one. Another couple methods to aware culture. The profile and importance of risk improve risk management commitment and management within an organization has to be contribution is to introduce brief risk awareness demonstrated. This can be achieved in a number of lunchtime seminars and/or formal training for key ways. For example, a statement on risk could be project members. included in an organization’s dispatches, intranet or newsletters. Statements that highlight the importance New Technologies – Use of web-based technologies of risk management and provide examples of its and company intranets are also becoming common success in the organization increase awareness. In the practice. They may be used to effectively provide past we have seen vast improvement in risk awareness information on risk management best practice, and the on many projects and organizations by encouraging the benefits and progress achieved to date across placement of risk posters around an office. distributed geographical environments. Some elements can include details of management techniques, These posters should be simple: they should list the top contribution areas to allow feedback to be quickly risks (threats and opportunities) for a set period, communicated back to the risk team, and lessons highlight ownership and propose management’s learned from risk management in other business areas. activities to mitigate the risks. This can act as a constant reminder to the potential issues that could The risk manger’s toolkit needs to support and use drive a project or organization off-track. Also included technologies that add value. The use of web-based risk on the poster should be the successes achieved to date. management tools allow all stakeholders to view These successes such as risks avoided, opportunities information that is relevant to their level, understand realised and management activities completed should the relevant risks they face now and in the future, and be highlighted as they positively communicate how a share that information across all levels of the team is succeeding with their collective objectives. organization. Finally, people obtain satisfaction from positive promotion of their value to the business. So, if they have contributed positively to help resolve an issue they should also publicly receive the credit. Communication – Providing a framework for effective communication is essential for any business process. This is especially true for risk management, which requires an environment that is open and provides an information-aware blame-free culture. To this end it is important that we assertively communicate about risks and issues by letting colleagues know of any risks that have been successfully addressed. In other words successes should be highlighted to show the process works. Likewise, if things go wrong, the failures or missed deadline should be openly discussed and the reasons for failure learned. Defensive behaviour by any team member should be actively discouraged and managed with positive encouragement, action and behaviour. Web-based, risk management system Training and Education – Lack of understanding within an organization or team is often a reason for ineffective process adoption. Understanding can be increased through education and training on risk management processes – whether on an in-house or formal training course. Many organizations run training courses for new employees on company procedures. A section of this training that included risk management awareness would emphasize the 1 0-7803-9546-8/06/$20.00© 2006 IEEE 5 1 IEEEAC paper #1001, Version 6, Updated Oct, 28 2005
6.
complex to be
effective and has been working with a SUMMARY number of major companies to develop and champion risk processes which encourages contribution from all In summary, when attempting to gain contribution to a stakeholders. process, the people cannot be overlooked. A combination of soft techniques and a formal process Karl has also been responsible for developing the risk must be adopted to engage and demonstrate the management chapter for the Association of Project importance of individuals to this critical function. Managers (APM) Project Pathways publication and was involved in developing the ‘Implementation of Aiding the creation of a risk-aware culture can be Risk Management’ Chapter for the new APM Project achieved by the sensible use of briefings, workshops Risk guide. and including a risk management discussion in progress meetings. Leaving risk management as the last agenda item during a meeting often means that it never get discussed. This sends a message to the team that it is not important; so serious consideration to this should be taken into account when meeting agendas are set. Encouragement should be given to the team to bring ideas forward even if they are outside of their areas of responsibility. And a team ideally should include all stakeholders in the endeavour: suppliers, customers, partners, subcontractors, regulatory authorities, etc. A change in culture may be required. An organization needs to establish a blame-free environment that allows and encourages the airing of potential issues. Managers at all levels need to demonstrate that risk identification is extremely valuable to the business and something that needs to be embraced by all. Finally, it must always be remembered that the key to risk management is management! The process will fail if management and end-user commitment/contribution is lacking, and risks are not efficiently identified, assessed, managed and pursued to their acceptable conclusion. BIOGRAPHY Karl Davey CEng MIEE of Strategic Thought Ltd is the Head of Risk Management and leads the Active Risk Manager Consultancy Team. Karl has over 12 years of in-depth and practical experience in the application of proactive risk management across organizations and on major projects – both in the Defense and commercial sectors. Karl regularly lectures on risk management and has provided proven risk management training for universities and clients in the UK, North America, Australia, New Zealand and Japan. Karl believes that risk management does not have to be 1 0-7803-9546-8/06/$20.00© 2006 IEEE 6 1 IEEEAC paper #1001, Version 6, Updated Oct, 28 2005