As I write this Opinion Article I am taken aback to 2005 when I submitted an MBA Dissertation Proposal on Integrating Risk Identification Into Objectives Setting Process (Risk-led Strategic Planning) which was 1st rejected, the reason being there wasn’t much Academic Literature written about the Topic at the Time. I had to motivate and defend my Research Topic which to my delight was eventually accepted.
In 2005, as a prelude to my research on Integrating Risk Identification into an Objective Setting Process, I observed that over the past five years, risk management had evolved significantly. Most companies had developed formal risk management systems, integrating their risk identification processes into their objective setting processes, albeit with varying forms of integration. The Integration of Risk Identification into the Objective Setting Process had been recognized as a crucial step in the Risk Management Process, facilitating the identification of risks that may impact the achievement of business objectives and ensuring the development of plans to mitigate these identified risks. Effective risk management is imperative for the success of any business, whether profit-making or non-profit making.
I made the following groundbreaking observations from my MBA Dissertation Research work in 2006.
The catalysts for corporate collapses, such as the Enron scandal in 2001, are widely attributed to inadequate corporate governance and risk management. This has underscored the critical need for organizations to establish formalized risk management programs to effectively identify and address the risks inherent in today’s business environment.
Organizations that have not integrated their risk management processes with strategic management are less likely to fully harness the benefits of risk management initiatives.
The Risk Identification Process entails identifying potential threats and opportunities that could impact the achievement of objectives. By integrating this process with the Objective Setting Process, organizations establish a foundation to consider risks that could impede objectives, as well as opportunities that should be leveraged when crafting strategies to achieve these objectives.
While objective setting is vital, it cannot foresee how the market and business environment will evolve or anticipate emerging issues. Therefore, Risk Identification provides crucial input into the Strategic Management Process, enabling organizations to navigate unpredictable and turbulent business climates.
Employing techniques such as facilitated workshops or interviews enables managers to identify and evaluate potential business risks.
Once risks have been identified, it is essential to describe them in a manner that clearly identifies the potential event and its impact on objectives. This enables a comprehensive analysis of risks in relation to their impact on the achievement of objectives.
Integrating Risk Identification is instrumental in addressing the failure to identify risks, acknowledging potential threats, and integrating risk mitigation strategies with strategic actions.
Organisations should employ industry- or organization-defined techniques to identify events that may pose risks or offer opportunities.
Integrating the Risk Identification Process into the Objective Setting Process is crucial to ensuring that risk management becomes an integral part of the Strategic Management Process. This integration is a valuable approach, preventing misalignments with the Budget and Strategic Planning Processes, and ensuring that strategic plans encompass necessary actions to mitigate risks, thereby contributing to the achievement of objectives.
The success of this integration within individual business entities hinges on the culture and capabilities of their employees.
A Risk Management Process Developed in 2005 as part of an MBA Dissertation Titled: Integrating Risk Management Into Objective Setting Process. https://researchspace.ukzn.ac.za/bitstream/handle/10413/1102/Ndlela_Ngqalabutho_2007.pdf?sequence=1
An Integrated Risk Identification Process was developed in 2005 as part of an MBA Dissertation Titled: Integrating Risk Identification Process Into Objective Setting Process. https://researchspace.ukzn.ac.za/bitstream/handle/10413/1102/Ndlela_Ngqalabutho_2007.pdf?sequence=1
It is essential for Risk Management Professionals, to acknowledge the value of existing knowledge developed over the past 20 years before formulating new risk management approaches. This understanding prevents the recycling of outdated ideas as fresh insights. The world requires forward-thinking Risk Management Leaders with the foresight to anticipate and shape the future by addressing potential threats and opportunities today. Whether a CEO, Sales Director, Engineer, or administration staff, each individual plays a crucial role in driving their organization towards success. As a Risk Management Leader, one must possess the conviction to stand out and not succumb to conventional practices. It is imperative to differentiate between Crisis Management and Risk Management.
The term ‘Education’ holds more than just the connotation of enlightenment; it can also denote indoctrination. Many visionary leaders argue that the current education system leans towards indoctrination, focusing on ‘What to Think’ rather than ‘How to Think.’ Such a system often restrains our ability to innovate and think independently.
One of the most significant weaknesses in Risk Management is the failure to promptly identify, escalate, and mitigate risks.
RiskForesights.COM is of the view that managing risks is inherent to Human Beings as well as in the Animal Kingdom, it is as old as Human Kind and an Integral Part of our lives. Managing Risks effectively is the ability to timely anticipate both threats and opportunities lying ahead that may either prevent or enhance the achievement of our Vision, Plans to Achieve our Vision and taking pro – active actions to mitigate or exploit the Risks identified. It is interesting to note that George Bush (Junior), Barack Obama, and Bill Gates anticipated a Pandemic like COVID – 19 but nothing was proactively done to Mitigate The Risk perhaps because the World just wished it away. The Greater Part of the World only reacted when the Risk had materialized and had become a Crisis.
Risk management failures are widespread in both public and private organizations, largely due to a pervasive lack of expertise in risk management. This becomes evident when supposed “leading risk management” professionals classify existing weaknesses and threats as risks, many of which have already escalated to crisis levels. As one business leader aptly described, this is akin to focusing on the rear-view mirror instead of looking ahead. Furthermore, the inadequacy of risk management skills is apparent in the tendency to only recognize threats as risks, often overlooking the opportunities that lie ahead.
Based on a Dissertation I completed in 2006 titled “Integrating Risk Identification Process into The Objective Setting Process” (Ndlela_Ngqalabutho_2007.pdf (ukzn.ac.za), and my experience in managing risks over the past 20 years, here are some basic logical lessons in enhancing an organization’s decision-making and strategic planning capabilities. To illustrate how to integrate risk management into decision making and strategic planning, we will use a FinTech start-up as a case study.
Analyzing Your Current Position: Setting the Stage for Future Success
It is crucial to gain a comprehensive understanding of your strategic baseline and risk maturity levels before envisioning the future of your business or organization. Utilize powerful tools such as PESTLE analysis, SWOT analysis, and Porter’s Five Forces framework to assess your current position in relation to your desired destination. By leveraging these tools, you can gain valuable insights into the FinTech landscape, whether it pertains to your country, region, or the global market. Conducting at least a PESTLE and SWOT analysis will provide key insights into existing business conditions, which may later manifest as potential risks. This thorough analysis sets the stage for informed decision-making and proactive risk management.
Option / Scenario Formulation:
At this stage, you are formulating options and carefully weighing the available options to make a well-informed decision. Strategic Risks that you have identified should guide your decision-making process. Unlike Operational Risks, there are no strict rules on how to identify and assess Strategic Risk Scenarios. However, having a thorough understanding of the current environment through methods such as PESTLE Analysis, SWOT Analysis, and PORTER’s Five Forces will provide you with valuable information on variables that could potentially evolve into Threats or Opportunities in the next 3 to 5 years, or even longer. For example, the young population in Africa presents opportunities over the next 5 years for the youth who will be comfortable using FinTechs as banking platforms.
It is crucial to analyze current global, regional, country, and industry risks to identify Opportunity Risks for which you will need to develop solutions. For instance, FinTechs can develop solutions to minimize the imminent Digital Devide in 3rd World Countries by creating accessible solutions for the poorest of the poor. Born digital and global FinTechs are better positioned to develop solutions that can prevent cyber attacks in the financial services industry.
When formulating your vision at this stage, it should be informed by global, regional, country, and industry risks, as they may present opportunities to exploit in the medium and long term. These risks should also inform the strategic objectives you formulate. For instance, setting up new operations in a country as part of its strategic intent to become a leader in 4IR Technologies and introducing tax incentives for tech companies. At this stage, having an understanding of the resources required to optimize downside risks and/or to exploit identified opportunities should inform your decision about where you want to go.
Choosing the Right Direction – Option Selection:
In this phase, you solidify your vision and determine your focus areas and strategic objectives to accomplish it. It is crucial to have a clear understanding of the risk scenarios associated with your vision and its related strategic objectives. A comprehensive comprehension of strategic risk scenarios will enable you to establish SMART strategic objectives. For instance, understanding a risk scenario linked to extended economic stagnation due to the prolonged impact of COVID scars will significantly influence the strategic objectives set for your FinTech start-up.
Key to Success – Rallying Support and Securing Resources:
When determining the financial and non-financial resources required for the successful implementation of your plans, it is crucial to incorporate risk optimization and exploitation action plans. These plans should seamlessly integrate into your strategic blueprint and operational plans. Avoid unnecessary separate risk registers monitored by a dedicated committee. Instead, when communicating and cascading your strategy, ensure that significant risks, risk optimization, and exploitation plans are an integral part of your strategic or operational plan.
Now What – Execution:
It is crucial to incorporate Risk Management KPIs into your organization’s annual performance plans. As you oversee the execution of your strategy and make necessary adjustments, be sure to incorporate risk optimization and exploitation plans. Evaluating and reporting on the effectiveness of your risk management initiatives should be an integral part of both your strategy and operational performance reports. Avoid developing separate, redundant risk management processes that do not contribute value to business management.
Developing a Culture of Effective Risk Management:
Achieving success in integrating risk insights into decision making and strategic planning relies heavily on upskilling your employees in integrated risk management. Additionally, it requires senior management to demonstrate a commitment to this culture and establish clear risk management KPIs that are an integral part of all employees’ performance management and development system.
An Illustration of Integrating Risk Insights Into Decision Making and Strategic Planning Processes
Concluding Remarks
While there are those who argue that Imagination is more important than existing knowledge, it is evident that the display of intellectual poverty by some risk management professionals who recycle old concepts as new ones is concerning. This lack of innovation does not contribute anything new to existing risk management knowledge and should be discouraged. Failure to do so could result in risk management being perceived as a mere compliance requirement or a money making scheme, rather than a facilitator of business success.
As we move forward, it’s crucial to steer clear of the “Poor Sculptor Syndrome,” where individuals blame their tools for subpar work instead of focusing on honing their skills. It’s essential to question why the 12 Risk Management Concepts, clearly outlined in a 2005/06 research, are still being recycled as “new” risk management knowledge. We need to conduct a thorough diagnostic to understand why, even two decades later, these concepts have not been fully integrated into some organizations’ decision-making and strategic planning processes. Part of the answer lies in the following risk management improvement opportunities:
Enhancing Risk Management Skills and Capabilities in Early Learning Stages: It is imperative for institutions of higher learning to incorporate basic strategic planning and integrated risk management modules into all certificate, diploma, degree, and postgraduate programs. In the African context, business schools should emulate their American and European counterparts by introducing integrated risk management modules in all MBA programs, along with offering risk management short courses. Managing risks should be ingrained as a fundamental aspect of life and culture, transcending beyond a select few individuals.
Integration of Risk Management KPIs: Organizations should seamlessly integrate risk management key performance indicators (KPIs) into their overall KPIs. Furthermore, every employee within an organization should have specific risk management KPIs as an integral component of their individual performance and development.
Transparency and Disclosure in Risk Management: The culmination of an effective risk management program lies in the timely identification of risks and the proactive, effective optimization and/or exploitation of these risks. It is high time for regulatory authorities to mandate organizations to disclose their top 6 to 10 risks and their efficacy in managing these risks, encompassing both downside and upside risks.
Your article helped me a lot. what do you think? I want to share your article to my website: gate io