Have you valued in euros your Company's total risk exposure?
Do you know the individual risks of each of your activities?
Do you know whether actions have been taken or are planned in order to reduce these Risks?
Do you know how much these actions cost?
Have these actions followed a "proper" approval process regarding their costs?
Do you have information on how much the actions ultimately reduced your inherent Risk? Was the decision to implement them correlated with this?
Have you set a level of risk you are willing to take and why (Risk Appetite)?
Do you know if and how and how much the risks you identified directly impact your Strategic Objectives?
Do you have all this information in a Report?
How many company Managements need and want such a Report? Without a doubt ..all of them! Does this kind of information cost a lot? NO !
Company officials themselves are most often very well aware of their own Risk positions, probably much better than the wisest external consultants, but lack the framework to communicate them properly to those who are interested and/or to the required recipients of risk analysis and to manage them effectively. Companies often lack not the knowledge but the methodological process to take a holistic approach to risk in order to achieve a positive outcome in every activity.
The most probable reason for the above situation is that, not so much the Risk Officers, but the Management lack sufficient information and awareness that by ensuring a better depiction of the real facts they ensure in essence that they are moving more effectively towards achieving their Strategic Objectives.
But the Tools are also missing. Even the companies that are taking steps in this direction often use the wrong tools. Traditional tools, EXCEL spreadsheets for example, don't serve because:
They are not collaborative.
They do not integrate workflows.
They do not send automatic notifications when actions are required.
They don't automatically generate dynamic reports and dashboards based on user preferences and the level of information they want to see (Summary, Analytical).
They do not display classified data depending on user authorizations.
They require many man hours in consolidation, and reuse and most importantly,
They are tools used for many other processes in the organization, users are used to them and are NOT able to change their culture.
And this leads to serious consequences on very serious issues even in the healthiest organizations, and there is the phenomenon that the Board of Directors:
Is not informed in time of the most important risks they face.
Is faced with impacts on shareholder value that could have been anticipated.
Does not have a meaningful crisis management plan.
Fails to provide accurate and complete information to investors.
The most effective solution is the adoption of a dedicated ERM operational risk management information system.
E-ON RIBIA is an integrated ERM system, designed to serve the objective of Risk Management. It includes all the necessary tools to highlight high-risk areas and provide the companies and organizations that use it with analysis and extensive information, contributing significantly to their performance and sustainability.
Most importantly, it is a collaborative system that, with its embedded processes and workflows, changes the cultures of organizations, contributing to transparency and direct information and with the most reasonable cost.
Comments