Conducting business has always been a risky proposition, and all businesses
have some tools in place to manage risk. Companies insure
against losses, institute safety, health, and environmental procedures,
lobby governments, hedge currencies, trade commodity futures, and
protect their IT systems with firewalls and other measures. But generally
these decisions are silo-based: managed by plant managers, country
managers, finance departments, and IT administrators. While these may
have sufficed in the past, they are inadequate in the era of interdependent
risk. No one department or business unit (or even one company)
has the peripheral vision needed to manage these risks.
What’s more, the trend in corporate governance reform over the
past few years means that more corporate boards have new legal
responsibilities for enterprise-wide risk management. Since the mid-1990s
and particularly after the accounting scandals at Enron,
WorldCom, and others, standards bodies in Australia, New Zealand,
Canada, Germany, the United Kingdom, and the United States have all
emphasized the board’s responsibility in identifying and managing business
risks.
Facing greater risks, many businesses are at a loss, and ask questions
such as: “What can we do about acts of God or terrorists?” or “Aren’t my
competitors just as vulnerable as I am?” They may believe that they cannot
afford to take risks, or, having taken risks already, they cannot afford
to invest in risk mitigation, believing that it will increase their costs, slow
them down, and make them less competitive. Managing risk, however, is
about becoming more flexible and competitive, not less. Risk must be
examined in the overall context of corporate strategy and market opportunity,
but the old adage still applies, “There is no reward without risk.”
As a result, companies are turning to strategic risk management to
improve outcomes while continuing to actively engage a volatile global
business environment. More than just a checklist of safety measures, a
strategic risk management approach identifies the core processes that
drive a company’s earnings and monitors both internal processes and
external events to ensure that risk and reward are continually reevaluated
and rebalanced. It is a dynamic approach demanded by a dynamically
changing global business environment. The ultimate goal is,
through an iterative process, to help companies evaluate their risk management
process in the context of a structured “stages of excellence”
approach.
Rather than cataloguing all the possible risks a company might face,
the first stage in strategic risk management is to understand the company’s
internal processes in order to isolate the most relevant and critical risks.
Once a company understands its own
internal vulnerabilities, it can monitor
the external environment for danger
signs and then begin to create mitigation
and contingency plans accordingly.
While companies may not be
able to prevent disasters, they can
reduce the impact by understanding
how their operations may be affected.
The goal is not to eliminate risk altogether (an impossible proposition) but
to develop operational resilience, foster the ability to recover quickly, and
plot alternative courses to work around the disruption.
While global corporations are vulnerable to many of the same risks,
each company has a unique risk profile. There are five key steps in the
development of this profile:
Prioritize earnings drivers. The first step is to identify and then map a
company’s earnings drivers, which provide operational support for the
overall business strategy. These are the factors that would
have the biggest impact on earnings if disrupted, and a shock to any one
could endanger the business. For example, a financial services firm
might depend on information technology to the extent that even 10
minutes of downtime could have a major impact on earnings. A consumer
products company depends on its brand reputation.
Identify critical infrastructure. The next step is to identify the infrastructure
—including processes, relationships, people, regulations, plant,
and equipment—that supports the firm’s ability to generate earnings.
Brand reputation, for example, might depend on product quality control
processes, supplier labor practices, and key spokespeople within the firm.
Research and development might depend on specific laboratory locations,
critical personnel, and patent protection. Again, every company is
unique, and even companies in the same industry will prioritize their drivers
differently. The goal is to identify the essential components required
for the earnings driver. One way to do this is by asking, “What are the
processes which, if they failed, would seriously affect my earnings?”
Locate vulnerabilities. Having mapped the critical operational infrastructure,
the next step is to identify the main vulnerabilities. What are
the weakest links, the elements on which all of the others depend? It
could be a single supplier for a critical component, a border that 80 percent
of your products must cross to get to your key markets, a single
employee who knows how to restore data if the IT system fails, or a regulation
that makes it possible for you to stay in business. Vulnerabilities
are characterized by:
• An element on which many others depend; a bottleneck
• Processes with no alternatives
• Association with high-risk geographic areas, industries, and products
(war or flood zones, or economically troubled industries, such
as airlines)
• Insecure access points to important infrastructure
Notice that the focus is still on the internal processes rather than
potential external events. In many ways, the impact of a disruption does
not depend on the precise manner in which these elements fail. Whether
your key supplier fails because of a fire in a plant, an earthquake, a terrorist
attack, or an economic crisis, you may have the same response plan.
Develop responses. After mapping its risk profile, a company will have
detailed knowledge of its operational vulnerabilities and how these relate
to its strategic goals and earnings. Simply understanding these vulnerabilities
at the enterprise level will clarify critical decisions. The decision
to move production from South America to China, for example, will
have a clear impact on the company’s risk profile, as will a decision to
adopt new corporate social responsibility standards.
But completing a risk profile will also bring to light opportunities to
reduce risk while at the same time indicating the value to be gained. Risk
mitigation plans can be put into two broad categories: flexibility and
redundancy. Flexible responses generally require advance planning but
little or no upfront investment and include:
• Identifying alternate suppliers
• Identifying alternate modes of transportation
• Using products designed for rapid switching of components
• Adopting manufacturing designs for rapid switching of products
• Having multiple (flexible) locations for various tasks
• Identifying additional production capacity
• Cross-training employees
Redundant solutions, on the other hand, generally require an investment
in capacity that may not be needed and include:
• Increasing inventory
• Developing a cadre of alternate suppliers
• Preparing back-up IT and telecom systems
• Holding unused capacity
• Fostering long-term supplier contracts
Monitor the risk environment. For each vulnerability, there will be a
number of potential responses. In order to evaluate which responses
are most appropriate, it is necessary to look at the external environment.
To be sure, some risks—notably, the wild cards, such as a worldwide pandemic or a simultaneous
resurgence of terrorism in several countries—defy easy countermeasures.
But most other risks—those that affect a specific country,
region, or industrial sector—are manageable. By gauging the likelihood
of various events, the company can evaluate how much to invest
for each vulnerability. A company’s risk profile is constantly changing
—economic and market conditions change, consumer tastes
change, the regulatory environment changes, as will products and
processes. It is essential that the company’s risk map change in tandem,
implementing an early warning system so contingency plans
can be activated as soon as possible. Although a detailed development
of a company’s risk management profile is a fairly elaborate process,
a simple self-assessment can quickly identify the largest gaps.
Clearly, being able to reduce the costs of a disaster is a major benefit
of risk management. But risk management is much more than an insurance
policy that kicks in after disaster strikes. By understanding the relationship
between corporate strategy and risk profile, corporations can
ensure that they are not taking unnecessary risks, while at the same time
reducing the potential impact of essential risks. Through flexibility and
redundancy, companies can react quickly to changes in the marketplace,
whether those changes are as common as varying consumer demand or
as rare as political revolutions. The agility that results will ultimately
allow corporations to maintain their equilibrium and come out on top,
even in a world perpetually out of balance.