The Art of Risk Management (2017)
16 hours ago
- #risk-management
- #leadership
- #corporate-strategy
- Risk management has become a top priority across industries since the global financial crisis, with surveys showing increased importance and resources devoted to it.
- Many companies risk making the same mistakes as financial firms by adopting overly technical risk-management approaches isolated from daily operations, rather than embedding a risk-aware culture.
- Effective risk management requires dynamic interaction between experts and line organizations, viewing it as a value-creating activity integral to strategy, not just regulatory compliance.
- BCG outlines ten principles for risk management, emphasizing leadership from the top, integration into business processes, avoiding over-reliance on complex models, and fostering a risk-aware culture.
- Risk management should start at the top with senior executive commitment, such as appointing a chief risk officer (CRO), but must be actively supported to avoid being ineffective.
- Risk cannot be managed from an ivory tower; it must be integrated into routine processes like planning and capital allocation, with collaboration across the organization.
- Avoid relying on black boxes or overly complex models; simplicity and transparency in risk assessments can enhance engagement and decision-making, as seen with Chevron's DEMA tool.
- Risk management is intertwined with strategy, addressing both financial and strategic risks, and should align with business goals to create shareholder value, as demonstrated by Infosys.
- A risk-aware culture requires free information flow, open discussions, and continuous improvement, focusing on optimizing risk-return tradeoffs rather than merely avoiding risk.
- Companies should prepare for unknown risks by building adaptive capabilities, use scenario planning to consider upsides, and learn from examples like First Solar, which embedded risk management into its business model.