How to put Resilience on Your Risk Management Radar

Since early 2020, you’ve probably focused on managing COVID risks for your business. But has that blinkered you from tackling other risks and building resilience? If so, you’re not alone.

According to software platform Dataminr’s survey, Australian businesses’ biggest distractions for this year are:

• COVID (67%)

• Staffing (45%)

• Supply chain (40%)

• Cyber crime (40%)

• Climate change (25%)

• Unknown risks (20%).

Businesses unable to identify risks

A key issue is almost a third of businesses don’t invest in risk resilience, the Dataminr survey found. Those that do invest are more proactive about risks - known and unknown.

The Organisation for Economic Co-operation and Development defines risk resilience as strengthening a system’s capacities and resources to address the root causes of crises. This helps organisations cope with risks, stresses, and shocks. That’s even the case where risks have yet to come to light, so they are difficult to anticipate. Think back to your pre-pandemic business continuity plan – did it cater to a coronavirus-type scenario? According to Australian Cybersecurity Magazine, only half of such plans did.

Has COVID made your business more comprehensive and continuous in gauging risks that could impact your business? Does your approach appreciate risks are evolving in complexity, too?

Top business risks for 2022

While Dataminr’s report offered insights into business leaders’ concerns for this year, it’s interesting to see how they compare with the top 10 risks. Protiviti, a global consulting firm, surveyed almost 1,500 C-suite executives and board members across the globe to come up with these dangers:

1. Impact of pandemic-related government policies and regulations on business performance

2. An organisational culture that doesn’t work to identify and escalate risk issues swiftly

3. Greater likelihood of staff working remotely

4. Expectations about diversity, equity, and inclusion are moving faster than organisations can respond

5. Need to adapt business models for the ‘new normal’ catapulted by the pandemic and social change

Implementing risk preparedness

It’s much easier to identify these risks and their potential impact, though, if your business has real-time tools embedded in your workflows. Cyber risks are pertinent here. For example, cyber hackers can dwell in your IT system for up to 20 days before your systems can detect them. This gives them time to hold your data or operations to ransom.

Australian businesses can also build resilience in these ways:

• Review risk management procedures, policies, and processes to decide what’s most important

• Consult with internal and external stakeholders to identify, analyse and evaluate risks using past events, plus possible future trends

• Dedicated staff across multiple functions to steer and implement risk management.

• Don’t rely on external experts and resources

• Undertake scenario planning, including exploring unknown risks across business functions

• See risk as an opportunity to combine flexibility and preparedness in their operations

• Be proactive. Invest in technology for real-time insights to empower staff

• Debrief after risk events occur and document what worked and didn’t.

Consider, too, how much time your board or senior management meetings spend on risk and split that into proactive and reactive approaches. Taking a risk-management lens to their priorities could be an eye-opener. For more on this, listen to McKinsey’s podcast on the board’s role in preparing for extraordinary risk.

See this useful Australian Government guide for businesses to assess and manage risks.

Reach out to us to ensure your business is fully insured

There’s a range of resources, approaches, and strategies for taking a more holistic risk-management approach. Securing customised insurance cover gives you an extra layer of protection from various business risks. 

We’re here to guide you on the intricacies of risk management and building resilience.