The nature and type of risks facing the organisation:

One of the main challenges facing managers in today's constantly changing business environment is dealing with uncertainty and creating a risk-focused culture within their organisations. New technologies, new concepts (such as social media and web 2.0), and changing market dynamics are all presenting managers with both threats and opportunities.

This uncertainty has the possibility of creating or destroying customer value and shareholder value, strengthening or weakening brand reputation and above all increasing or decreasing the organisation's competitive advantage.

Understanding the nature and type of risks facing the organisation is the starting point to a successful creation of a risk-focused organisation. With an ever changing business environment comes an increased number of risks. Though risks can be identified separately, for example, supply chain risks, people risks, catastrophe risks, IT risks, reputation risks, country risks etc. one way of identifying these risks is by grouping them into the following sub-categories :

Strategic Risk: This involves analysing and evaluating the effect of competition, customer changes, industry changes, global expansion, potential mergers and acquisitions, product mix, markets and locations of operations on the business.

Operational Risk: This involves analysing and evaluating the ways in which the organisation achieves its goals and objectives. In other words, you are looking at the daily activities and processes and identifying whether they are still viable or they need improvement. For example, this involves looking at processes, information gathering, analysis & its storage, emergency response procedures, protection against external events such as natural catastrophes and disaster recovery policies.

Financial risk: This involves analysing and identifying the effect of interest rates, inflation rates, foreign exchange rates and the availability of credit on company cash flow, return on investment, credit rating and profitability of operations.

Legal risk: This is risk pertaining to regulation, compliances and lawsuits for an organization. This also involves identifying all the rules and regulations that the organisation is bound to, ensure that they are being followed to avoid paying non-compliance penalties. The starting point could involve looking at your industry standards set by your industry's regulators.

Environmental risk: What is the impact of your organisation's activities on the environment? This involves looking at levels of your carbon footprint, pollution levels (noise, odours and light), environmental compliance in all locations, natural resources damage and ongoing monitoring and management.

Social risk: This looks at your organisation's impact on human beings, both from an internal and external perspective. Areas investigated may include, anti-discrimination policies, safety of products, product reliability and quality, sexual harassment concerns, training and education of employees and hiring and promotion practices. The key is developing and maintaining a positive relationship with both your internal and external stakeholders.

Making risk management every employee's everyday business:

The process of identifying, analysing, evaluating and managing risks within the organisation should not be solely left in the hands of senior personnel. Although senior management have the overall say in the deciding the destiny of the business, they might not possess all the knowledge about the risks facing the business. Thus they need the input of other management personnel and the employees.

In creating a risk-focused culture, managers should:

# Move away from a silo-based thinking of managing risks: This means instead of making say the finance department focus only on financial risks and the IT department on IT risks only, an integrated approach (Enterprise Risk Management) should be pursued. This avoids looking at organisational risks in silos but from a broad perspective. This also promotes co-ordination between various functions of the organisation.

# Promote ongoing monitoring and management of risks: Risk management is not a one-off process that is done say once a quarter or twice a year. As the macro-economic environment is always changing, so are the risks to the business. When risk management becomes an everyday business and its importance raised within the organisation, the whole culture is going to change and embrace risk management as a value enabler.

# Encourage training and education of employees: Both employees and managers need to be fully equipped and aware of recent developments in risk management. By sending employees on short courses or industry conferences, their knowledge of risk management is refined and they can use that acquired new knowledge for the betterment of the organisation.

How else can managers foster a culture that is risk-focused?

Views: 1208


You need to be a member of GlobalRisk community to add comments!

Join GlobalRisk community

Comment by Naj Hirani on October 5, 2020 at 5:10pm

I agree with the comment on adding Project Risks as this an area that could introduce new risks during and even after the project if not managed appropriately with a Project Management Risk Framework and Governance model.

In addition, risks identified within Internal and External Audit Reports should be included and addressed as part of the Risk Identification process.

Naj Hirani

Comment by Kokou LOLO on July 22, 2020 at 6:56pm

Insights on risk issues showed that lack in risk awareness as well as risk aversion can bring an organization to serious downturns. Creating risk focused organization requires as the post states it, the involvement of the overall organization members. And as the management of change in organizations, all the staff has to be involved from inception to the definition of principles, policies, the risk assessment and it's management.

When every staff is concerned as part of the organization, management has to find a way to involved him on the management stage as an individual. This said, he feels himself to really be part of the whole and important for the hole. Working on staff members psychology, can help align risk management goals with the general corporate goals. 

Comment by Dr Zheng Junjin on April 4, 2019 at 5:38pm

As a marketer, I see risk in terms of internal and external factors. The internal factors being the strengths and weaknesses of the various functions within the organisation e.g. finance, production, sales etc; the external factors being the opportunities and threats of the acronym PESTLE. Besides this, Porter's Five Forces can all be seen as risks unto itself - strategic and tactic e.g. risks from clients, suppliers, competitors and substitutes. 

Comment by Hermann Noll on April 10, 2018 at 4:32pm

Very interesting article to promote a real risk culture in the organizations. I only can suggest to add Project Risks. The impact of these risks, normally, has effects in all the categories listed but is recommended to manage them from an integrated point of view.

Comment by alik bhattacharya on April 4, 2017 at 2:03pm

One important aspect to be risk focused by any organisation, besides day to day monitoring of risk aspects of any organisation, Risk Audit by external agency on regular interval(depending upon organisation size and business profile) could be implemented by the management.

Comment by Alao ismail Akinkunmi on March 31, 2017 at 10:09am

The article has analyze more and shed light the best principle to be adopted by a going concern organization to more progression if actually follows it with due process.

Comment by Mohamed Labib Sadek on February 6, 2016 at 4:12pm

The article is interesting and i can say that the difference between the successful organization and the non successful one is how much efforts are exerted in adopting continuous improving / promoting risk management culture! In other words, deep/serious adoption of risk management implementation or slow death!

Comment by Sylver Kyeyune on October 2, 2010 at 11:28am

Am totally in agreement with your opinions. Keep up man...

Our Sponsors

Would you like to reach over 90,000 + Risk Professionals? 



Current Partners Include:





Join GRC Inner Circle - Get Top Risk Resources, Member Support PLUS become our patron

Business Exchange

If your organization delivers products and services that bring value to our members, you are welcome to join our partnership program.

Companies are welcome to setup a business profile page in our Multimedia Business Directory. You will get full control of the page and can include cutting edge possibilities – videos, adverts, presentations, white papers, job offers, Press Releases, product information, company blog, news feeds and more.


Our Knowledge Partners

Request our MEDIA KIT

Our Twitter feed

© 2020   Created by Boris Agranovich.   Powered by

Badges  |  Report an Issue  |  Terms of Service