How to put Resilience on Your Risk Management Radar
Since early 2020, you’ve probably focused on managing COVID risks for your business. But has that blinkered you from tackling other risks and building resilience? If so, you’re not alone.
According to software platform Dataminr’s survey, Australian businesses’ biggest distractions for this year are:
COVID (67%)
Staffing (45%)
Supply chain (40%)
Cyber crime (40%)
Climate change (25%)
Unknown risks (20%).
Businesses unable to identify risks
A key issue is almost a third of businesses don’t invest in risk resilience, the Dataminr survey found. Those that do invest are more proactive about risks - known and unknown.
The Organisation for Economic Co-operation and Development defines risk resilience as strengthening a system’s capacities and resources to address the root causes of crises. This helps organisations cope with risks, stresses, and shocks. That’s even the case where risks have yet to come to light, so they are difficult to anticipate. Think back to your pre-pandemic business continuity plan – did it cater to a coronavirus-type scenario? According to Australian Cybersecurity Magazine, only half of such plans did.
Has COVID made your business more comprehensive and continuous in gauging risks that could impact your business? Does your approach appreciate risks are evolving in complexity, too?
Top business risks for 2022
While Dataminr’s report offered insights into business leaders’ concerns for this year, it’s interesting to see how they compare with the top 10 risks. Protiviti, a global consulting firm, surveyed almost 1,500 C-suite executives and board members across the globe to come up with these dangers:
Impact of pandemic-related government policies and regulations on business performance
An organisational culture that doesn’t work to identify and escalate risk issues swiftly
Greater likelihood of staff working remotely
Expectations about diversity, equity, and inclusion are moving faster than organisations can respond
Need to adapt business models for the ‘new normal’ catapulted by the pandemic and social change
Implementing risk preparedness
It’s much easier to identify these risks and their potential impact, though, if your business has real-time tools embedded in your workflows. Cyber risks are pertinent here. For example, cyber hackers can dwell in your IT system for up to 20 days before your systems can detect them. This gives them time to hold your data or operations to ransom.
Australian businesses can also build resilience in these ways:
Review risk management procedures, policies, and processes to decide what’s most important
Consult with internal and external stakeholders to identify, analyse and evaluate risks using past events, plus possible future trends
Dedicated staff across multiple functions to steer and implement risk management.
Don’t rely on external experts and resources
Undertake scenario planning, including exploring unknown risks across business functions
See risk as an opportunity to combine flexibility and preparedness in their operations
Be proactive. Invest in technology for real-time insights to empower staff
Debrief after risk events occur and document what worked and didn’t.
Consider, too, how much time your board or senior management meetings spend on risk and split that into proactive and reactive approaches. Taking a risk-management lens to their priorities could be an eye-opener. For more on this, listen to McKinsey’s podcast on the board’s role in preparing for extraordinary risk.
See this useful Australian Government guide for businesses to assess and manage risks.
Reach out to us to ensure your business is fully insured
There’s a range of resources, approaches, and strategies for taking a more holistic risk-management approach. Securing customised insurance cover gives you an extra layer of protection from various business risks.
We’re here to guide you on the intricacies of risk management and building resilience.