Blog

Enterprise Risk Management – When not doing ‘risk’ is risky! By Ed Balfour

As businesses globalize and operate in an ever more interconnected (think social) world, consumers and stakeholders can wield great power from a keyboard! Combine this with the pace of technical innovation and disruption (cyber, fintech etc) it is no surprise that traditional ways of viewing risk have started to change.

Risk is nothing new of-course. Most businesses already operate with basic risk management principles, some better than others. However these principles still seem to be grounded in ‘old school’ thinking. A recurring theme from the current Australian  Royal Commission into banking is the seeming lack of managing risk at board level. Risk in terms of strategic value rather than just as a set of negatives, can now be much better defined. Friend and business partners of HPS, Greg Hutchins, CEO of CERM, a US based risk expert spoke to me about this. According to Greg, all US federal agencies have been tasked to develop and comply with a formal enterprise risk management framework to become core to that agencies operation. Greg suggesting that risk frameworks could replace core ISO standards such as ISO9001 (quality). With an apparent 70% of current ISO9001 certified businesses still to transition to the latest ISO9001:2015 edition of the standard, it will be interesting to see how this evolves. Especially given the re-emphasis of risk in the latest ISO updates.

Implementing a formal risk management framework allows you to be smarter about defining specific risks and how these affect (positively not just negatively) the ability for your organisation to meet your business objectives.

According to a Deloitte-sponsored Fortune risk management survey in 2017, a value-focused strategy can help organizations create value and improve performance.

I asked HPS founder and risk management advocate Peter Holtmann to comment. You can listen to my interview with Peter here. The key takeaway is that not ‘doing’ risk is risky!

The good news is that organisations such as CERM and HPS can help you. If you are a risk manager who needs more assistance with preparing for ISO31000, HPS solution partners iComplied tool is a great solution. Melbourne based Kiran Bhagat, Managing Director iComplied comments “Our tool is simple, flexible and cost effective.There is no setup required, minimum training and we help you with scheduling your audits as we already have the ISO31000 checklists in the iComplied Checklist Library”. To preview an actual ISO31000 Gap Audit Report click HERE.

The advantages of completing your ISO31000 Audit in an App are:

  • Instant, real-time reporting
  • System Notifications with email reminders
  • Automatic assigning of CARs
  • Ability to add comments, images and documents
  • Printing and emailing instantly

If you would like to start automating your audits, Kiran and the team at iComplied invite you to contact them for a DEMO or simply SIGN UP for a complimentary trial.

Author:

Edward Balfour, Associate HPS. The views contained within this article are expressly the sole opinion of the author unless otherwise stated. April 2018.

 

Sources: Greg Hutchins, CERM, News Outlets – banking royal commission, Deloitte – risk survey 2017. View survey results here. Kiran Bhagat, iComplied

Leave a Comment

Your email address will not be published. Required fields are marked *