Developing the Organization’s Risk Profile

The Annual Meeting of the World Economic Forum in Davos, Switzerland kicks-off next week and runs from 26-30 January 2011.

This is a gathering of global leaders from many fields to discuss issues and challenges facing livelihood, global businesses and the economy.

According to the organizers of the summit, the theme for this year is Shared Norms for the New Reality. We now live in a world that is not only increasingly complex and interconnected, but also experiencing an erosion of values and principles that undermine public trust in leadership as well as future economic growth and political instability.

Having witnessed and endured the worst Global Financial Crisis since the Great Depression of the 1930s, there is no doubt that identifying and tackling risks tops the goals of CEOs, Politicians, Entrepreneurs and NGOs.

Of main concern are environmental risks, financial risks (such as sovereign risk, currency instabilities/wars, and global inflation), IT risks (WikiLeaks, Cyber Wars, Fraud) and pressure on basic resources such as food, water and energy.

Global leaders have come to the realization that in an increasingly interconnected world, weaknesses in the global economy can easily lead to rapid contagion, hence the need for governments and global businesses to work together.

As a result of the Global Financial Crisis, many businesses and governments have experienced the sharpest fall ever in global economic activity and are keen to learn from the events and not repeat the same mistakes again (poor risk management).

Identifying and managing risks at a macro-economic level to improve business performance requires businesses to have a ‘holistic’ view of their operating environment.

That is looking outward and across the organization as well as at individual activities.

This will help you establish the relationships between your organization and its operating environment and also reveal the interdependencies of individual activities and the horizontal linkages.

So how can organizations successfully develop their risk profiles?

The first step in developing the corporate risk profile is a broad understanding of the operating environment.

This involves ongoing analysis of both the internal and external environment( Political, Economic, Social, Technological, Environmental, Legal) in order to identify threats and opportunities to the business.

By collecting information and knowledge at both the corporate and operational level, you will be able to understand the various risks your organization is exposed to, their source (external or internal), their likelihood, and their potential impact on people, reputation, program results, decision making, real property etc.

Evaluate current status of risk management. This involves assessing current risk management culture, risk management processes and practices to determine if adjustments are necessary.

Looking at factors such as decision making structures, planning processes, infrastructure, knowledge, skills, experience, risk tolerance, strategic direction as well as external factors is key in assessing your organization’s current risk management capacity.

Involve personnel from other departments other than finance when profiling risks. Conducting brainstorming sessions, workshops and meetings or allowing people to go away, identify business risks in their own time and then later present their findings are another useful way of risk profiling.

Risk management is an enterprise wide activity and should not be designated to only one department. Every employee and stakeholder should play a role in identifying and managing risks.