Risk Management: A Process or a Way of Life?

From the Project Management 2.0 Blog
by
New technologies, concepts, and Web 2.0 tools are popping up everywhere. How can you use them to help your project team collaborate, communicate - or just give your project an extra boost? [Contact Dave]

About this Blog

RSS

Recent Posts

What To Expect When Your Stakeholders Are Expecting

8 More Templates to Save You Time

What's The WORST Thing a PM Can Do?

9 Amazing PM Templates

Coded Messages > What Are "Project People" Really Saying?

Email Notifications off: Turn on

Categories: Interviews, Risk

Situation: You organization needs to take risk management a lot more seriously.

We recently spoke with Loren Padelford, Executive Vice President & General Manager at Active Risk. The folks at Active Risk talk a lot about establishing an "Active Risk Culture" at your organization - really making risk management a way of life, rather than a set of sterile processes. As a concept that sounds interesting, but how does it really work? Loren offers some clarification in his responses below.

 

How much difference can having a "Risk-Aware Culture" have on a business? Can you compare it to simply having Risk Management processes in place or even just using general policies to manage risk?

The difference between risk awareness and simple risk management is immense. In a risk-aware culture, risk is part of everyone’s daily activity. Most firms would argue that they have a risk management “process” or “policy” in place, but a risk-aware culture means that risk is analyzed to a granular level - where it has the most impact. This means that every single person within an organization, from the CEO to the finance department to the newest project manager, not only understands their risks, but implements and uses risk management on a daily basis. If everyone understands that their role has a component of risk management involved and that risk management needs to be practiced every day, than the organization’s ability to understand its risk at a more in-depth, mature level, increases.

We’re seeing and research is showing that organizations with higher levels of risk maturity have improved in profitability, enterprise value, and opportunity generation.”

 

Q.  Could you describe how a Risk Aware Culture is established?  What are the top 3 (must do) components of the process?

Establishing a risk-aware culture can be a relatively simple process if the organization, on an individual level and as a whole, is committed. Having executive level support is number one. Having the CEO involved in the process and actively understanding his or her own role as a risk manager is a must. Without senior level support and daily involvement, risk is seen as optional and a risk-aware culture will not be achieved.

Secondly, an effective risk management process must be goal-focused. In order to draw employees into the process, each individual in an organization needs to establish tangible goals that they want to achieve through risk management. Risk needs to be a valuable process to the people who do it every day and setting goals will show them how effective risk management is in helping them achieve their goals more quickly.

Finally, organizations must be careful not to over-complicate its risk management. In order for risk to take hold in a culture and become engrained in everyday activity, it must consist of simple tools and remain focused on the risk that really matters to each individual’s goals and objectives.

 

Q.  How "Risk Mature" does your organization have to be to establish this sort of culture?  Are there pre-requisites to keep in mind?

Because risk is an ongoing process, there is absolutely no threshold for risk maturity. Organizations that want to become more risk mature simply need to focus on the three attributes mentioned above – executive support, setting goals and keeping the process simple. If an organization achieves these things, they will find themselves in a position where the company starts to pull in risk awareness naturally, instead of finding it pushed onto them.

 

Q.  When is it inappropriate to establish this sort of culture? In which industries is it more difficult?

Because every industry encounters risk on a daily basis, it is never inappropriate to establish a risk culture.

Additionally, every industry has a certain requirement to take risks in order to create opportunity. Of course, all industries have their particular challenges and some are more complicated than others, but there is never a time and place when risk is an inappropriate process to engage as a core component of a company’s strategy.

 

Q.  Given your company's deep experience in fostering effective Risk Aware cultures, could you tell us what this takes from a staffing and a tool perspective?

From a staffing perspective, the organization must have executive-level support. I cannot stress this point enough: the Chief Executive Officer must also serve as the Chief Risk Officer. They will be the educator of risk throughout the organization and translators of the goals and objectives of the business. They are not only imperative to the success of the process, but they are the cultural enablers bringing risk to an organization-wide level.

Without the right tools, it’s nearly impossible to execute risk management well. Organizations should look for tools, like Active Risk’s ARM solution, that provide a centralized hub for all risk information, so that the defined Chief Risk Officer is able to own the risk management process. This tool should integrate seamlessly into existing systems and processes, and have the ability to be personalized to each user’s needs.

The most successful organizations are the ones who have taken the approach of giving individuals high power and highly capable, yet simple to use tools to support risk management as a daily activity in business. These are the organizations that reap the rewards of a risk-aware culture.

_______________________________________________________________________________

About Loren Padelford

Loren is responsible for all customer-facing activities at Active Risk including sales, marketing, services, partners and customer success.

Loren has a broad track record of success in technology, advertising and business services. Prior to joining Active Risk, Loren was Vice President of Strategic Alliances and Global Sales Director for Dyadem International, a leading enterprise HSE software provider. Loren was a key member of the leadership team and instrumental in the growth of the business, which led to the acquisition of Dyadem by IHS (NYSE:IHS) in April of 2011. Prior to Dyadem, Loren was National Sales Manager at Recall Corp, Sr. Director of Sales & Account Management at advertising firm Uthink and started his career selling photocopiers with Ricoh Corp.

Loren holds an MBA in Marketing from the University of Liverpool Management School, a Bachelors of Psychology from the University of Guelph and is a Certified Sales Professional.

 

Posted on: November 30, 2012 10:27 AM | Permalink

Comments

Please Login/Register to leave a comment.

ADVERTISEMENTS

I have made good judgements in the past. I have made good judgements in the future.

- Dan Quayle

ADVERTISEMENT

Sponsors

>