Answering the ‘How’ and the ‘What’ for An Effective Risk Management Roadmap

The question that needs to be answered here is ‘what’. What steps does an organization need to take in order to value risk performance? The question of ‘why’ is not an issue.

August 15, 2023

The relationship between businesses and stakeholders – investors, insurers governments, communities, and employees -constantly evolve due to changes in expectations. Today, it is estimated that the average lifespan of a corporation is just 15 years compared to 75 years in1955. Defining an organization’s strategy, material risks and controls is becoming increasingly challenging, particularly for those on the critical path of the decarbonization economy. Those who will succeed in managing these risks will share one important thing in common: the ability to demonstrate and value risk performance. 

Understanding the levers that affect the value of risk performance requires a deep understanding of risks that are material to a business. This in turn enables a corporation to take a data-driven approach to managing their business and implement strategies to mitigate the impacts of these risks.

The question that needs to be answered here is ‘what’. What steps does an organization need to take in order to value risk performance? The question of ‘why’ is not an issue. 

The question of ‘how’ is more strategic in nature.  To answer this question, organizations must build capabilities and capacities to the do the following:

1. Design – Resilient business models, assets and systems.

2. Detect – Systematic capabilities to identify weak signals, new information and changes in context.

3. Decide – Real-time capacity to intervene, adapt and measure the effect of sustained change in the organization.

4. Disclose – At an individual level, make risk performance information available that is relevant, context rich and time.

To answer the ‘what’, we have set out 5 key steps for an effective Risk Performance Roadmap:

1. Change - Declare Purpose, Materiality, and Objectives to be clear on why your organization exists, who it serves and what is important to you.

2. Context
- Define the external risk factors and internal value chains that will help assess whether your organization is meeting its objectives and purpose.

3. Capability - Determine what needs to be measured and who needs to act across the organization for material risks.

4. Capacity - Deploy technology across an organization that makes risk information accessible and useful for key decision-makers and stakeholders.

5. Communication - Decentralize the way your organization’s story is told to better engage, learn and grow.

While the combination of the ‘how’ and the ‘what’ may seem logical, the process of implementing these across an organization will require a significant commitment from leaders, focus from management, and the involvement of people from all levels. As the old saying goes, a plan without a strategy is a nightmare, a strategy without a plan is just a dream. You need both to undertake the journey to valuing risk performance.

Michael Hartley is the Managing Director of IK Mining & Energy. Michael's 20+ year career as a risk and performance professional has spanned 6 continents, multiple complex sectors (e.g. mining, oil & gas, construction and manufacturing) and various organization levels (operations to executive/board level). It is his mission to make risk and performance information accessible and useful for internal decision makers as well as external stakeholders.

Expert Insights

Three Steps for Changing Risk Management

Change and the three core steps of initiate, effect and sustain, that organizations must address when going through any transformation.
Michael Hartley
August 31, 2023

How Risk Management Must Change

Knowing that risk management has to change and knowing 'how' and 'what' to change about risk management are two different things.
Michael Hartley
August 25, 2023

Helping Make Sense of Democracy - From Clear as Mud to Clear as Day

Democracy is messy at best. And in turbulent times, it is ever more important for media to provide clarity for audiences—voters—trying to make sense of what’s happening.
Matt DeCourcey
November 28, 2023