BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

5 Ways Risk Management Leaders Can Move Their Organizations Forward

Forbes Business Development Council

Joe Woods, Global Head of Risk and Reliability Services at ABS Group of Companies, Inc.

Risk-based decision making has always been a complicated task, but the level of connectivity in today’s world has driven that complexity to new heights. And for these purposes, connectivity doesn’t just mean digital connections. As a disclosure, my company ABS Group is one provider of risk management solutions.

Today’s businesses are not only more connected within their own walls—they also have more ties to one another than ever before. For many, their reach extends far beyond the traditional bounds of the community in which they operate or their own bottom lines.

Operations are constantly striving for efficiencies and, in that pursuit, many have employed "just-in-time" delivery models that rely on complex, extended supply chains. These models and others like them can create bottlenecks within the network, expanding the scope of risk analysis within organizations exponentially.

Dramatic changes have recently occurred over a relatively short period of time. As a result, many operators—especially in critical infrastructure—are facing information paralysis.

Operators are now overwhelmed by a never-ending list of consequences—and equally daunted by the prospect of shifting gears to meet these new challenges while maintaining operations. But connecting the dots around risk doesn’t have to be expensive or complicated.

Often, getting started is as simple as adjusting your processes and being open to new points of view.

Let's look at the holistic risk profile.

There are two prevailing schools of thought in risk assessment for informed decision making.

1. Direct resources toward studying the consequences (or outcomes) of a potential event to develop a deterministic analysis based on a selected set of inputs intended to represent the worst things that may happen.

2. Emphasize the study of vulnerabilities, including the likelihood that they initiate an event, by using the classic risk equation: threat, vulnerability, probability and consequences.

Both have merits, but neither captures the complexities of modern business risks in isolation. Consequence-based assessments start with a possible event and work backward, while risk-based assessments start with a broad query based on a specific area, tool or process to draw conclusions about associated risks and look ahead.

The latter often captures more nuance than its consequence-based counterpart. Still, risk-based assessments come with a risk of distorting results, as they may not account for emerging threats, which can lead to improperly weighted variables.

While examining risk through the lens of one variable can get businesses started, pursuing a holistic risk profile is critical to upleveling risk management protocols. Many companies are doing just that as they form the foundation of strategic risk assessment and management practices.

The goal of the profile is not just to know what threats exist or the consequences of a specific scenario but to understand how those risks fit into the company’s larger context and the industry at large. Here are five places to start.

1. Adjust your risk equations.

Traditional risk calculations often stop at “consequences.” Holistic assessments go a step further, accounting for:

1. Threats: What hazards exist in or around the facility?

2. Vulnerabilities: Where might those hazards cause problems?

3. Probability: How likely is a problem to occur?

4. Consequences: What is the cost—financial or otherwise—of such a problem occurring?

5. Relevance: How much does it matter relative to the rest of the identified risks?

2. Prioritize good data.

Risk assessments are only as good as the data that feeds the model. Inadequate or inaccurate data can skew results—and many teams don’t even know it’s lacking.

Faulty or incomplete data leads to faulty and incomplete plans of action—whether you’re using proprietary data or “industry standard” sets. Your assessment can only take what’s in the record into account, so regularly updating policies to ensure accuracy, investing in new systems when necessary and questioning the veracity of legacy datasets are crucial to long-term success.

3. Lean on internal and external experts.

The institutional knowledge of internal teams is integral to accurate profiles, but so is industry knowledge based on exposure to a wide range of enterprises. That’s something that can only come from external experts.

While it can feel uncomfortable to trust outsiders to assess your risk, proximity to operations can potentially cloud results with bias and subjectivity related to what has or hasn’t happened in the past. External points of view can remind managers that avoiding a hazard today doesn’t guarantee the same tomorrow.

4. Be open to feedback.

Another barrier to successful risk management is the human instinct to fall back on familiarity and defend the way things have been done. Holistic risk assessments only work if everyone is willing to work toward the goal of mitigating risk—even if that means admitting the way you have been doing it might not be the best way.

Opening lines of communication between teams can help you get new perspectives on familiar situations and identify hazards you may not have noticed before.

5. Follow through.

There’s a misperception that the work stops with the assessment. While there are certainly reasons to opt out of pursuing a given recommendation, that can’t be the default for leaders pursuing holistic risk management.

Yes, taking steps to balance risks and consequences in assessments helps leaders cut through the noise. However, the point is to support more-informed decision making. Understanding the situation is just the beginning of the journey.

Keep moving.

Managing risk relies on equal parts understanding and action—and both pieces must be continuous undertakings. Risk management is an integral and omnipresent activity in the worlds of infrastructure, finance, tech and more. Once leaders start to make changes, the risk profile changes. It’s an ongoing pursuit that’s constantly adjusting to account for new variables, both internal and external.

Holistic evaluations can help leaders expand scope where needed while limiting extraneous information by contextualizing operations in an increasingly connected and always-changing landscape. More importantly, they can help businesses stay alert to threats that may be on the horizon—but only when leaders are committed to revisiting the process and prioritizing remediation when new threats emerge. After all, the real risk is the one you don’t know exists yet.


Forbes Business Development Council is an invitation-only community for sales and biz dev executives. Do I qualify?


Follow me on LinkedInCheck out my website