Business Leaders Need To Reconsider How They Assess Risk — Here’s How
About a year ago at this time, it would have been hard to imagine how a virus could disrupt every economy in the world and send us back seemingly decades in terms of GDP growth. But that’s where we are now. This shared experience has illustrated the systemic risk of simply existing in this world.
You can’t just worry about your enterprise, your sector or even your supply chain — which is outside your company. You need to be aware that we are in a world that’s interconnected.
Many of us weren’t prepared for Covid-19. We underestimated our risk because business leaders tend to focus on things like their assets, capital structures and markets. We don’t — or didn’t — think about how something of a global nature like a pandemic might impact us.
There already has been a lot of discussion about how the pandemic taught us how to collaborate and connect better. That’s all true. But I think if the pandemic taught us anything it’s that our operating models were too simplistic. They were not resilient because we didn’t think about greater systemic risks such as pandemics and how those risks could shut us down.
Now that we have all seen how such world events can have a massive impact on our businesses, here are some ideas on what we can do to be better prepared for the future.
Think About Different Risk Profiles
Businesses, organizations and people study economies, countries, cultures and business practices. Those are all things on which we still focus. But we didn’t stop to think about what else is out there that we have to consider and the consequences of those events.
One thing that’s clear is that as business leaders, we have been too narrow in our thinking about risk. We need to expand how we think about and plan for risk.
For example, the Wharton School advises companies to “determine whether they’re taking the actions necessary to mitigate political risk.” The Wharton authors deem this important because the way political events alter the value of an investment or even economic outcome hit a high post-World War II in the years spanning 2016 to 2018. They say the “pandemic and resulting geopolitical tensions and volatile country policy environments are likely to dwarf that previous high.”
Take A Holistic Approach To Identify Risk
Traditionally, organizations have approached risk management using a siloed approach.
The risks identified by the finance department would be different than those called out by the distribution, human resources, IT, legal or sales departments, for example.
But risk doesn’t fall cleanly within one discipline. Be aware that risks may fall between silos.
Manage Risk By Running Risk Scenarios
Once you identify the types of risk that are lurking in the world, you’ll want to run scenarios.
This will enable you to assess how bad various scenarios could be. Most businesses didn’t run risk scenarios on a pandemic, so leaders didn’t have a sense of the kind of risk it represented.
There’s still time to do this because the pandemic is not going to go away any time soon. Everybody thinks Covid-19 has an end date. It doesn’t. It’s already mutated and has new strains. And the pandemic isn’t the only new risk on which you need to run scenarios.
Reinvent Your ERM Wheel — Or At Least Revise It
Now is also a good time to adjust your enterprise risk management (ERM) approach.
Ask yourself what your ERM wheel looks like in our new normal where business is forced into more online, virtual relationships, etc. Cybersecurity likely has its own ERM wheel given the new operating models that are exponentially increasing the ecosystem necessary to conduct business.
Going forward, it should have a massive new sector called pandemics and other global events.
As the saying goes “if you fail to plan, you plan to fail.”