The question that needs to be answered here is ‘what’. What steps does an organization need to take in order to value risk performance? The question of ‘why’ is not an issue.
The relationship between businesses and stakeholders – investors, insurers governments, communities, and employees -constantly evolve due to changes in expectations. Today, it is estimated that the average lifespan of a corporation is just 15 years compared to 75 years in1955. Defining an organization’s strategy, material risks and controls is becoming increasingly challenging, particularly for those on the critical path of the decarbonization economy. Those who will succeed in managing these risks will share one important thing in common: the ability to demonstrate and value risk performance.
Understanding the levers that affect the value of risk performance requires a deep understanding of risks that are material to a business. This in turn enables a corporation to take a data-driven approach to managing their business and implement strategies to mitigate the impacts of these risks.
The question that needs to be answered here is ‘what’. What steps does an organization need to take in order to value risk performance? The question of ‘why’ is not an issue.
The question of ‘how’ is more strategic in nature. To answer this question, organizations must build capabilities and capacities to the do the following:
1. Design – Resilient business models, assets and systems.
2. Detect – Systematic capabilities to identify weak signals, new information and changes in context.
3. Decide – Real-time capacity to intervene, adapt and measure the effect of sustained change in the organization.
4. Disclose – At an individual level, make risk performance information available that is relevant, context rich and time.
To answer the ‘what’, we have set out 5 key steps for an effective Risk Performance Roadmap:
1. Change - Declare Purpose, Materiality, and Objectives to be clear on why your organization exists, who it serves and what is important to you.
2. Context - Define the external risk factors and internal value chains that will help assess whether your organization is meeting its objectives and purpose.
3. Capability - Determine what needs to be measured and who needs to act across the organization for material risks.
4. Capacity - Deploy technology across an organization that makes risk information accessible and useful for key decision-makers and stakeholders.
5. Communication - Decentralize the way your organization’s story is told to better engage, learn and grow.
While the combination of the ‘how’ and the ‘what’ may seem logical, the process of implementing these across an organization will require a significant commitment from leaders, focus from management, and the involvement of people from all levels. As the old saying goes, a plan without a strategy is a nightmare, a strategy without a plan is just a dream. You need both to undertake the journey to valuing risk performance.
