Strategic risks can do serious damage to an organization, very quickly. These risks can compromise supply chains, facilities, technology, talent, capital, reputation, and basic drivers of value. Yet they fall outside most enterprise risk management (ERM) programs and are difficult to quantify, monitor, and manage. To address these risks, leaders need new perspectives and approaches. They need tools for scanning the environment, tracking developments, and visualizing risk data. And they need to prepare effective responses, because responsibility for strategic risks resides at the C-suite and board levels.
Risk transformation can enable an organization to elevate risk from a functional capability to an enterprise responsibility that permeates the entire organization. When that happens, risk is no longer seen as the domain of the risk manager or the safety department function. Instead, every business unit, function, an individual becomes accountable for and capable of addressing the risks with their purview. This enables the organization to more effectively implement strategies and achieve goals while addressing risks and complying with regulations.
- Strategic risks and “value killer” risks, and why they are difficult to identify, measure, and manage
- How risk sensing and other technologies can assist organizations in detecting and tracking strategic risks
- Why preparing responses to strategic risk events is useful, even though the actual events can rarely be predicted
- Why simply meeting regulatory requirements or confining risk management to the function with that name leaves a company exposed
- The roles of the business units, risk management, and internal audit in risk transformation
- As this publication explains, customers, investors, regulators, and other stakeholders do not expect management and the board to predict future events. But they do expect them to prepare the organization to recognize and respond to strategic risk events.