Best practice for managing organizational risk
Blog posted by: Allan Thomson – PPM Product Ambassador, AXELOS, 31 March 2020.
How do organizations identify and mitigate risk at a time of international emergency, like the current Coronavirus (COVID-19) pandemic?
In the circumstances affecting countless enterprises, leadership must find a way to keep “business as usual” going and people functioning while in a completely unique and alien situation.
And what senior executives need to acknowledge is the importance of risk at the corporate, strategic level and how – when risks become issues – they can threaten the organization’s strategic objectives and, at worst, its existence.
The size of an organization doesn’t matter; managing risk must be principles-driven to protect the enterprise. Therefore, the Management of Risk (M_o_R) best practice guidance is principles-based and designed to treat risk as a strategic management discipline.
Managing risk at a time of COVID-19
Right now, in the context of the current pandemic, managing risk begins with individual behaviour: complying with Government instructions to avoid becoming ill, spreading the virus and averting further fatalities.
Organizations are also facing new risks, such as shutting down their operational sites and having employees work remotely.
To understand what the risks are and how to mitigate them, leaders should compile a risk register – basically a tool to document risks – which is designed to “record uncertain events that would affect one or more business objectives”. This should identify and prioritize risks, including:
- Risk description
- Probability of the risk occurring
- Impact on one or more business objectives
- Proximity of the risk
- Risk mitigation
- Risk owner.
For example, the risk register could include information such as:
- If staff don’t stick to social distancing rules, they could become ill with the virus and put themselves in jeopardy
- If the organization doesn’t provide adequate IT support, employees can’t work remotely
- Staff unaccustomed to working from home may be faced with multiple distractions that affect their performance and quality of work.
Having identified several risks in the current climate, organizations need to mitigate them:
Promoting social wellbeing
Organizing online meetings or one-to-one chats with line managers or simply phoning team members to ensure they’re OK are key actions to ensure a business is looking after its people in uncertain times.
Facilitating online working
Though people need to be patient in an abnormal situation, organizations need to ensure their IT systems can handle the volume of people logging on remotely.
It’s important to have a clear point each day or a weekly update when senior management will know exactly what they need to tell their employees/stakeholders and share that information, ensuring it’s both relevant and current.
A question I’ve sometimes heard in relation to managing risk is: “Why are we doing all this risk stuff? It might never happen?”
Nobody can predict the future, which is precisely the point of preparing for and managing risk. If risks become issues, and organizations are ill-prepared, they will ultimately pay for it; not only with dollars and cents but also their brand reputation.
Latest News from
Career progression using project management skills03/06/2020 13:20:00
Blog posted by: Ana Bertacchini – senior project manager, 02 June 2020.
Why control is not a dirty word in PRINCE2 projects01/06/2020 13:20:00
Blog posted by: Duncan Wade – Director, The Human Interface Consultancy, 29 May 2020.
ITIL 4: time to stop and think about a new IT services blueprint28/05/2020 13:20:00
Blog posted by: Royce Dsouza – Division IT Director, Mirion Technologies, 27 May 2020.
How to manage a global team working from home27/05/2020 13:20:00
Blog posted by: Allan Thomson – PPM Product Ambassador, AXELOS, 26 May 2020.
How Technology is changing the way we work26/05/2020 13:20:00
Blog posted by: Rasha Akar, AXELOS Social Media Lead, 22 May 2020.
IT and the CIO: custodians of “employee experience”21/05/2020 17:14:00
Blog posted by: Bob Roark – service management expert at Bobroark.com, 21 May 2020.
ITIL 4 and automation – opening up improvement and transformation20/05/2020 13:20:00
Blog posted by: Charlie Miles – Pink Elephant, 19 May 2020.
ITIL 4: getting in shape for modern service management18/05/2020 13:20:00
Blog posted by: Barry Corless – lead author, ITIL 4 incident and problem management practices, 15 May 2020.