You have probably heard the risk function being called an enabling function. Because it is. It helps the main producing areas of the business to be more successful. When I present to executive teams to give them a picture of enterprise risk management, the first thing I do is dispel any hint of the myth that risk is a compliance function. I stress early, and often, that they should engage with the risk program to be successful! Not to avoid bad things happening.
I go on to plead with them to do as much risk management as is needed to be successful. Not too much or too little. Too much means unnecessary red tape and a drag on the business. Too little and you will be held back by too many surprises.
When designing your enterprise risk framework, you should focus on showing risk as an enabler, not a compliance function. A big part of that is by integrating risk into business-as-usual which I wrote about last week. However, even more importantly, you need to ensure risk is seen as enabling faster and better decision making. I do this by focusing in on:
- Knowledge – Managing risk means making decisions based on the best information available. This means the communication of information up and down the organisational hierarchy and across silos.
- Decisions – Decisions by default are always made under a degree of uncertainty, otherwise a decision would not be required. While all our decisions should consider risk, some decisions need more attention than others. Focus in on the decisions that matter!
- Support – We all have unconscious bias. The risk function helps decision makers manage this, by supporting with insights, the decisions that matter.
- Culture – Behaviours don’t lie. Your framework should be clear on the risk-taking behaviours that are appropriate for the success of your organisation.
Focus on these four areas in the design and implementation of your risk framework and you will be enabling your success.