Managing operational risk still remains one of the struggles faced by management. The era of managing business risk function by function is long gone.
In today’s dynamic and competitive environment, aligning business strategy with risk management is key to achieving improved business performance.
Integrating operational risk management with the rest of the business units is the way forward for those organisations that aspire to be market leaders in their respective fields.
One of the mistakes made by many business leaders is allowing functional managers to concentrate only at those risks within their functions. For example, the marketing manager focuses only on risks specific to sales and marketing; the finance manager focuse only on financial risks; the IT manager focuses only on risks specific to IT investments.
The problem with this approach is that, most of the risks involved are organisation-wide. They are interrelated and have an impact on the entire business as opposed to one business unit. Managing risks especially on this silo-based approach often results in duplication of effort and resources.
For an organisation to achieve its goals and targets, there is need to have minimal disruptions to the operations of the business. Operations are the oil that keep the organisation flowing smoothly towards its objectives and goals.
However, in achieving the targets set, there will always be hurdles to overcome. Hurdles in the form of various risks. For example, a breakdown in the payments processing system, natural disasters, fire, fraud, employee strike or the departure of key employees can have far much damaging consequences on the business.
A case in point is the Gulf of Mexico oil spill which has cost BP huge amounts of money as well as put the brand image of the company at risk. BP is being accused of not having acted properly before and after the spill to reduce the damage caused by the spill. Most analysts claim that BP failed on their operational risk management.
Another example, is the 2010 Honda labour strikes at at one of the car manufacturer’s production base in China, which resulted in the the company shutting down the affected base and in turn suffer huge financial losses.
Thus, a firm’s ability to integrate risk management firmwide may mean survival in today’s and tomorrow’s more volatile and dynamic industry.
Therefore, in order to manage and mitigate the impact of operational risk events, businesses should:
- Ensure that there is visibility and transparency when it comes to risk management. This means, they should be able to identify all the risks within the business and evaluate the potential consequences of those risks in the context of all risks faced by the business.
- View risk management as a bsiness decision support function and not a rule-keeping function. True risk management is not a regulatory matter.
- Align technology, people and processes to achieve integrated risk management.
Operational risk management should be a seen as practice that unifies different business functions to achieve goals and take the organisation to the next level, rather than as a practice which meddles with the affairs of the other business units.
Instead, operational risk management exposes the links between the various functions of the business, thereby allowing co-ordination towards the achievement of business objectives.