Risk. What Could go Wrong? New Perspectives on Risk: Implications for Governance & for Management

Similar documents
ISO INTERNATIONAL STANDARD. Risk management Principles and guidelines. Management du risque Principes et lignes directrices

Policy Development: The Basics

FIJI COUNTRY DIRECTOR JOB DESCRIPTION

Succession Planning Done Right

IN PRACTICE. Managing Risk in Customs. investment climate. Lessons from the New Zealand Customs Service

POLYNESIA MICRONESIA CLUSTER COUNTRY DIRECTOR JOB DESCRIPTION

Institute For Enterprise Excellence

CHAPTER 1: THE NATURE OF STRATEGIC MANAGEMENT

4 Enterprise-Deep Risk Management

5 Tools to Stay Afloat During Fluctuating Market Conditions.

Criterion-based Monitoring: second-guessing the board s needs is out!

Policy Development: The Basics

B2B Sales in the Modern Age

Agile Introduction for Leaders

FIVE WAYS TO MAKE YOUR SUPPLY CHAIN MORE DYNAMIC

How to Avoid Project Failure?

Synchronous Flow Helping the Countertop Fabricator to synchronize the business system March 2017 Ed Hill

Strategy development is about asking and answering four questions:

What Every Internal Auditor Should Know Perspectives of a Chief Compliance Officer

Exceptional vs. Average: What Top Leaders Do Best

Big data strategy to support the CFO and governance agenda

ATTRIBUTES OF THE 21 ST CENTURY FARM EXECUTIVE. Danny Klinefelter Honor Professor, Regents Fellow and Extension Economist Texas A&M University

How to Turnaround a Company

Fundamentals of Lean Start-Up 1 st Annual RBADD Conference

How Can Trustees Learn to Trust?

Demonstrating Leadership

pwc.co.uk Crisis management

LEADERSHIP AMIDST CHAOS. Dr. James Baird, CAHI, FACHE College Campus Chair, School of Business El Paso, Texas Campus

A SHORT GUIDE TO RESILIENCE FOR NGOs

Institute For Enterprise Excellence

High-Performance Ethics Book Discussion Questions

How Well is HR Supporting Your Business?

FTA Safety Program: Rulemaking Update and Transit Agency SMS Implementation February 27, 2017

Introductions. Enterprise Risk Management. Thinus Nienaber. Why are You here? Where are You coming from? Where are You going?

The 5 Building Blocks of a CAPA Solution. Managing Corrective Actions/Preventive Actions for the Consumer Products Industry

Risk and Resilience Policy

COMPLIANCE TRUMPS RISK

The Critical Role of Talent Analytics in Successful Mergers and Acquisitions

GUIDE. A Modern Communicator s Guide to Corporate Communications

Introducing the Business Model Canvas

THE 5 THINGS SUCCESSFUL COGNIZANT CLIENTS ARE DOING TO TRANSFORM THEIR BUSINESS

Let s chat Succession or sale the once-in-ageneration

The Convergence of Scorecards, Dashboards and Business Intelligence

ACFE FRAUD PREVENTION CHECK-UP ASSOCIATION OF CERTIFIED FRAUD EXAMINERS

PMI Southern Ontario Chapter PDD Ralph Dunham May 26, 2012

USING PR MEASUREMENT TO BEAT YOUR COMPETITORS: A HOW-TO GUIDE

Strategies for the digital leader. Keys to delivering excellence in digital manufacturing today

HSO.COM. HSO Managed Services. 24/7 business availability that works the way you do. Whitepaper HSO Managed Services

Inside of a ring or out, ain t nothing wrong with going down. It s staying down that s wrong. Muhammad Ali

Leadership During Challenging Times by Mark David

THE ITERATIVE ENGAGEMENT MODEL A CALCULATED RISK AND A WHOLE LOT OF REWARD. By Mikhail Papovsky CEO, Abraic, Inc.

HOW TO CREATE A CUSTOMER SUCCESS PLAN. A step-by-step guide to delivering on expectations and ensuring success

Improving the Measurement of Sales Readiness Initiatives

Before getting into the details of our engagement, I d like to ask, what does your company do?

Exploring the Three Horizons Framework How to articulate innovation activity into the future in a consistent, evolutionary and coherent way.

Rebuilding Morale in the Optometric Practice

INTRODUCTION TO LEADING ORGANIZATIONAL CHANGE

If it is worth doing, it is worth doing slowly Mae West CREATING FOLLOWERSHIP DURING CHANGE MARCH, 2011 SUSAN L. NEWTON

Margin Erosion: Process Improvements to Help Close the Gap and Deliver a Profitable Project

Organizational Resilience: what, why, how and how much? Dr Robert MacFarlane Civil Contingencies Secretariat

City of Dover Human Relations Commission Strategic Plan

WHAT IS LEADER CHARACTER AND HOW DOES IT INFLUENCE HOW WE LEAD?

Systematic Risk Management: Completing the Journey. Neil Gunningham

Reputation and the Board. Guidance for PR Consultants and Board Directors

RISK IN ISO 9001:2015

Enterprise resilience Boosting your corporate immune system

Performance Risk Management Jonathan Blackmore, May 2013

HOW YOUR CAREER BACKGROUND CAN HELP YOU BECOME A BUSINESS ANALYST

CAREER PLANNER WORKBOOK

ENTERPRISE RISK MANAGEMENT THE KEY TO BUSINESS SUCCESS By Phil Griffiths FCA

Strategic Planning in early childhood education centres

Architecture for the Information Age

The Dogma of Moving Minds: Managing Transition. by: Brian Scott

A Facilities Framework for the Small Campus

Exploring the Three Horizons Framework How to articulate innovation activity into the future in a consistent, evolutionary and coherent way.

Monitoring for Learning and Accountability

How to be a CULTURE ARCHITECT. by Laura Hamill, Ph.D.

CORPORATE GOVERNANCE THEORY, SCOPE AND IMPORTANCE

People Are the Key Strategic Resource

OVERVIEW OF NISSAN S TARGET COSTING SYSTEM

Getting more from your Legal Spend - the emerging trends and best practices

Keys to Creating a Culture of Preparedness

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

BOARDROOM DYNAMICS CASE STUDY

Before You Start Modelling

Basic Principles of Investor Relations. Joseph Hassett

Reducing Vulnerability and Managing Risk. Pre-Consultation Briefing Note for the Europe and Others Group Consultation

EIGHT THINGS PRIVATE EQUITY FIRMS SHOULD CONSIDER WHEN ASSESSING THE CHIEF INFORMATION OFFICER (CIO) DURING DILIGENCE.

Mind the Gap. Ian Travers Process Safety Consultant IAN TRAVERS LTD. PROCESS SAFETY CONSULTANCY

Delivering Value Why Else Are You Doing The Project?

GROW YOUR BUSINESS. gyb 2015 IN THIS ISSUE: Strategy - The Key to Your Success. Know Your Enemies - Taking On Your Competitors. Raising Your Prices

Agenda. Measuring in Traditional vs. Agile. The Human Side of Metrics

Value-based Performance Management Approach & Application

The 10 th Annual Management Accounting Conference

Culture and behaviours Creating confidence in your biggest asset

PROGRAMME OFFICER: EXTRACTIVE INDUSTRIES

Creating an agile control environment

Changing the way we lead

Agile (Project) Management NOT a contradiction

Fraud Risk Management

Transcription:

New Perspectives on Risk: Implications for Governance & for Management Richard Biery, the Broadbaker Group, & Eric Craymer, Partners in Policy Governance Policy Governance is the registered service mark of Dr. John Carver Risk The chance of an untoward effect of a possible change, i.e. possibility of a loss of some sort. What is the probability of the change? What is the probability of a loss from that event? What is the degree of possible loss? What Could go Wrong? 1

Risk is Hot Topic - Why? There s been A continuous parade of organizational failures. Economic failure due to a cascaded series of governmental and organizational practices that were silently weakening the system with final collapse resulting. Natural disasters. Human perfidy with very broad effects. War & Violence The Highly Improbable is Now Included in the Orb of Risk These have been termed Black Swan events because (we think) they are about as improbably as the hatching of a black swan. We are more aware that we are surrounded by uncertainty. Risk is Part of Living As with life, risk is a normal part of business and must be dealt with. What about entrepreneurs? Does the morality of risk-taking vary? How do we approach risk as boards and as management? Especially under Policy Governance? 2

Organization-wide Components of Risk Intelligence Define and understand your business. What is its purpose/intent? - Its ends? How does it gain resources or revenue? What must its processes be to create value (including the creation of assets)? What environment(s) is it in? What are its values while doing all the above? $ Resources Owners Investment $ Intangible Return Organizational control Process Benefits/Results/ Products Ends Income $ What risks are created or the organization exposed to due to the business map? 3

This Provides a framework for Creating a Comprehensive Risk Map (to the extent we can) The risk map allows us to systematically identify risk areas or domains: E.g., Internally generated risks Externally generated risks (From Funston and Wagner, Surviving & Thriving in Uncertainty) Seek to understand the causality system lurking behind each risk. (We must learn to think in terms of systems.) Evaluate the consequences for each risk-related occurrence. Evaluate the probability of each. [Probability] x [Impact] (size of the consequences) provides a commonly used prioritization table or matrix. BUT, also pay attention to improbable but devastating risks. 4

Board Distinct Focus Learn what could happen in the system Determine what would not be acceptable CEO Learn what could happen in the system Address Board Policy preventions Strategic Options: Risk/Reward Risk System SYSTEMIC RISK Policy Governance Distinction Board In Policy: Never Okay &/or Sufficiently Focused Ends Management Systems: ARI of EL Expertise Choices Develop the Range of Actions (both Board & Management) Which Must be Taken to address the Mapped Risk Areas What is to be the Board s role in defining how to approach them? Board decisions culminate in policies - usually ELs, but occasionally an adjustment to an Ends policy to sharpen focus. The remainder of the range of action available and necessary is management s. 5

For any Board, a Policy Approach Must Be Used. All a board has is its words. The usual board approach to governance (reacting and asking questions) reveals the vulnerability of such an approach when it comes to dealing with risk. Risk MUST be addressed proactively. Risk must be addressed with both the breadth and detail to assure sufficient preparation. The Policy Governance principles concerning the construction of policies beats all others and is most effective. Risk areas can be clearly defined. Policy specificity can be adjusted to the level of detail desired by the board (to the point where any reasonable definition will satisfy the board). The nested hierarchical approach provides seamless protection (more later). Conceptualization of the Policy Governance Nested Policy System By way of reminder The Policy Circle is the Intellectual Property of John and Miriam Carver 6

The Board Must Decide Both How Wide and Deep to Go in addressing Risk via Policies. For example, although risks to the environment are encompassed within the broad scope of the typical global EL policy, it is not further addressed directly or explicitly in the usual policy template. Does the board have sufficient concern (and knowledge) to craft more specific policies addressing risks to the environment? Should ends policies be focused further to avoid a risk from a too broad End? (Because Ends are prescriptive, their language has a focusing, or targeting, effect.) Balancing Control And Freedom FREEDOM CONTROL RESULTS FREEDOM CONTROL RESULTS The Target Effect of Prescriptive Language Ends These.. Focus these Subordinate Ends Instrumental Ends Procedures and Process 7

The Protective Nature of the Executive Limitation (Proscriptive) Policy structure There is freedom within the limits, the opposite of a targeting effect - to hit the center. This is unique to Policy Governance lower level global policy policy Policies dealing with a specific concern Think of it as a ship with multiple interior protective hulls, each hull protecting an increasingly specific area. There are risks that you do not want at all Therefore, There Are Two Ways for the Board to Get It s Arms Around Risk To Achieve Sufficient Policy Protection Focus your Ends Create more, and more specific limitation policies (more inner hulls) until you can accept any reasonable interpretation 8

Management Develop deep understanding of the risk environment - map the risk system that lies behind the elements on the map. Develop operational definitions of the necessary effects to be achieved regarding each area of risk Prevention or avoidance, ( What does prevention look like?) Mitigation - reduced severity (What does mitigation look like? - Reduced probability, reduced severity.) Response (to mitigate consequences) (What does a mitigated consequence look like?) Design the execution plan and carry it out. Combining Short Term and Long Term Thinking to Optimize Risk Strategy Quality of Short Term Thinking All Short Term Thinking Reactive Mgmnt Desired strategy Visionary w/o ST Reality Long term thinking Monitoring If management has done a careful and thorough operational definition, it becomes the monitoring report s Reasonable Interpretation. The importance of a good reasonable interpretation 9

Monitoring Management must have an assurance system that the risk plan has been effectively executed. This includes early detection systems, Manuals, Training, and Sufficient practice, And the operational discipline to impose and maintain the risk response processes. (Including indicators of the integrity of the system that addresses risk.) A quality Monitoring Report is absolutely essential to assure a board of compliance (and that risk management is occurring). In our experience, the weakest part of the PG system for a board is inadequate monitoring reports. They are brief and perfunctory. The Reasonable Interpretation does not reveal sufficiently how much management really knows concerning effecting compliance with the policy. And the board does not know enough to judge the quality of the RI. The value of the report s data hangs on the value of the RI. Therefore, get expert advice! Whether it concerns fraud detection and controls or is about drilling for oil. 10

Advice from the Literature and Our Experience for Management & Bd. Sufficient margin and reserves (including redundancy) are critical, especially in unpredictable times. In times like these ramp up your margin significantly. Don t neglect attention to achieving as much prevention as possible. Even rare events and failures will happen. Short term and long term thinking must be optimally synthesized. Don t sacrifice one to the other. The board must have its own crisis plan and know who it is going to call on as consultant. Response planning and practice is vital. Early detection warning systems are vital for intelligent risk response systems. Denial & inaction in the face of information that something has, or is, occurring creates additional risk. When something is too good to be true it usually is. Believe that and check it. Too much risk aversion is a significant risk. Lack of financial strategy creates risk. Failure to think about sustainability is a risk. Failure to reconsider your business model regularly is a risk. Lack of operational discipline creates a significant risk, whether you are a military organization, a McDonald s, or a church! Because you don t see it or it hasn t happened doesn t mean it is not about to happen. 11

Transparency (truthfulness) and communication are vital in response planning. Humility and intense curiosity are great protections. - Seek to understand. Listen to bad news and don t shoot the messenger. Scan your horizon constantly. Admit you don t know everything. Think before reacting - usually. There may be more going on than you think. Simply reacting may make things worse. Questions Contact Info: Richard Biery - rmbiery@broardbaker.com Eric Craymer - eric.craymer@policygovpartners.com It s hard to get people excited about prevention unless failure has an immediate and serious consequence. Funston and Wagner, pg. 189 The less immanent the treat, the harder it is to mobilize people to deal with it. Ibid. The primary weakness when it comes to assessment; you don t know what you don t know. Ibid. pg. 160 12

Values provide an essential frame of reference for decisionmaking and responses. Without common values the enterprise has no North Star by which to navigate. Ibid. pg. 225 13

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback