Martin Pergler shares an article on risk management that was recently published in StrategicRiskEurope.com.
Why timing is everything when it comes to effective risk management
In the second of our new #ChangingRisk ThinkTank series, Martin Pergler explains why timing is so important when applying risk insights to strategic decision-making.
There is much discussion over how institutions should do risk management. In addition to who should be doing it, what is it (risk management… even risk itself) and why it is necessary.
Much less is said about when to do risk management. And yet timing is everything. Institutions that mistime their risk efforts stumble into traps, create useless bureaucracy, miss opportunities, and even risk developing a ‘cry-wolf’ syndrome.
Let’s start with two valid but dissatisfying answers to the When question:
A periodic process, culminating in Board signoff. An efficient, just-in-time risk management process that delivers the freshest information for the Board to fulfil its risk oversight responsibilities at prescribed intervals (eg annually) sounds perfect.
In reality, such a process also encourages a compliance mindset: Preparation timelines are short, thoughtful diversions are unpopular, and surprises en route to checking the box are mostly unwelcome.
Making this the principal vehicle for explicit risk management is better than nothing, but chances are low that such an approach will result in any major “aha” moments, or that any tradeoffs will be improved as a result.
All the time. It is fashionable to opine that risk is omnipresent and that thoughtful risk-taking is crucial. And so risk ought to be on the agenda every single moment, especially in a volatile, uncertain, complex and ambiguous (VUCA) world.
That is undoubtedly true. It is important to nurture an institutional culture where everyone has the knowledge, tools, and empowerment to think about risk in everything they do.
And yet, “all the time” is an unsatisfactory answer since the intended question is probably, “When should we step back and think about risk more systematically, beyond what we try to do all the time?”
Key points include:
- Anticipation of major decisions
- The organisation’s core value-creating processes
- When the ambient environment or the institution’s objectives change
Access the full article, When to think about Risk Management, on Balrisk.com.