Transcript From Conformance to Performance: Using Integrated Risk

From Conformance to Performance:
Using Integrated Risk Management to
achieve Organisational Health
Ms Stacie Hall
Comcover National Manager
Outline







Risk – What is it?
Risk – different perspectives
Integration – the ‘Holy Grail’
Features of effective risk management systems
Improving the level of risk management integration
Opportunities for integration
Characteristics of a risk management team
Risk – What is it?
“The possibility of events or activities
impacting adversely on achieving
organisational outcomes”
Risk - Different Perspectives
Strategic
Operational
Compliance
Emerging
Strategic Risks
• Focus is on managing risks that impact key outcomes
• Opportunities – the other piece of the puzzle
• Identify both as part of the strategic planning process and
allocation of resources
• Treatments usually whole-of-organisation, and are
resource intensive
Operational Risks
• Focus is on managing risks that impact individual
programmes and projects
• Treatments involve ‘management’ disciplines
including planning, monitoring, reporting, project
management
• Issues:
– Treatment approach can lack integration/silo approach
– Treatments ‘internally focussed’
Compliance Risks
• Focus is on managing risk to organisation’s
reputation (and avoiding breaking the law!)
• Treatments involve formal policies, detail processes,
specific staff training
• Has the attention of senior management
• Issues:
– Often ignored until something goes wrong
– Perceived as non-value-adding
e.g. ‘Check the box’
– Opportunities for integrating rarely utilised
Emerging Risks
• Can be strategic, operational or compliance
• Challenge is to respond quickly and assign accountability
for managing
• Leading organisations look for emerging issues before
they become public crises
Integration – the Holy Grail
• Ultimate goal is optimise organisational
outcomes/performance
• Underlying goals
– Behavioural change
– Comprehensive risk management framework and
processes
• What does integration look like for your
organisation?
Features of Effective Risk
Management Frameworks
• Processes and culture incorporate strong risk
management emphasis
• Systematic approach to risk analysis
• Ability to learn from past experiences
• Adequate resourcing to deal with emergencies
• Reporting system to Board level / independent
Features of Effective Risk
Management Frameworks
• Continuous evaluation of risk management framework
• Horizontally integrated (cuts across silos)
• Processes are ‘convenient’
Comcover’s Awards for Excellence
in Risk Management
•
•
•
Purpose: To develop a culture of risk management across
the Australian Government
Recognises exceptional and inspiring examples of risk
management
Demonstrates how essential risk management is to the
success of Australian Government agencies
Comcover’s Awards for Excellence
in Risk Management
Findings from 2007 Awards:
• Stronger governance structures are helping to clearly
identify the responsibility for managing risk
• Better reporting frameworks are helping to ensure risks
and their treatment strategies are communicated to
senior executives, committees and boards regularly
• Engagement with key stakeholders is becoming more
prevalent
• Greater collaboration between agencies and stakeholder
groups
Improving the Level of Risk
Management Integration
• Keep it simple – people will do what is convenient
• Get the Board on board
• Sell the benefits of integration
– Reduces competition for resources
– Single process  multiple outcomes
– Provides big picture
• Embed the risk assessment process into business
planning process
Improving the Level of Risk
Management Integration
• Identify and lobby key influences
– e.g. CEO, CFO, Senior Executive and Boards
• Get stakeholder buy-in through consultation and
participation
• Keep it dynamic
• Use common risk language and concepts
• Communicate, communicate, communicate!
• Identify and train risk experts
• Include risk management responsibilities in job descriptions
and performance agreements
Opportunities for Integration
• Business Planning
– Incorporate risk analysis via templates, workshops
– Align risk planning cycle to business planning cycle
• Compliance risk management
–
–
–
–
Underlying strategic risk: reputation
Stakeholders – common to strategic risks and operational risks
Processes generally exist
Cuts across organisation silos
Opportunities for Integration
• Operational risk management
–
–
–
–
Underlying strategic risks: performance and reputation
Stakeholders often disparate
Processes often localised
The silos start here!
• Possible solutions:
– Look for opportunities to standardise processes
e.g. project and contract management frameworks
– Analyse sources of risk to identify common/shared risk drivers
= efficient resource allocation for treatments
– Leverage operational improvement initiatives
e.g. innovation and quality forums
– KPIs and reporting
Characteristics of a
Risk Management Team
•
•
•
•
•
•
•
•
Accessible and approachable
First person to call with a good idea or problem
Engaged at beginning of a process / project
Have ‘access–all-areas’
Have senior executive support
Results driven
Ability to get best out of people
Creative thinkers
Questions?