I have just been quoted in an article in Norman Mark’s blog – ‘How Do You Determine Whether the Risk Management Process Is "Effective"?
This was my response: Effective risk management is when each risk event identified is examined through the lens of both the direct loss to the firm and indirect losses that may arise because of damage to the firm’s reputation associated with the event.
My definition has evolved from working with clients where I could see the imbalance the risk management process i.e that too much attention was placed on financial losses.
Those readers who received my Powerlines newsletter Nr. 89 dated Nov 2009 will recall my article ‘One Event, Multiple Stakeholder Impacts’ in which i showed the danger of how one event could have multiple stakeholder impacts.
That is the type of danger that exists when you do not view a risk event and put it through the stakeholder lens.
a While ago I worked with a client where it soon became apparent that too much attention was given to financial indicators and not enough to intangible measurement. As I explained to the client there is was a need to "balance the yin and the yang" of the risk management approach in the company.
This comment emphasizes both "hard" and "soft" sides of risk management. The hard (yin) includes committees, policies & procedures, quantitative assessments, reporting, limits, audits and systems.
The soft (yang) reflects awareness, people, skills, integrity, incentives, cultures, values, trust and communication. Both sides are essential to a sound program and a sound reputation.
Is your risk management system adequately balanced?