The Organizational Drag of Risk Management Must be Diminished

The Organizational Drag of Risk Management Must be Diminished

Regulators and organizational leaders were largely unprepared for the 2008 financial crisis, but reacted strongly after it occurred. This has led to a situation in which risk management’s operational drag in most large firms has now become too big and has to be reduced. A 2014 paper by CEB shows data taken from its members that only 6% of time spent by audit departments on risk types is spent on strategic risks. While this category is responsible for 86% of the significant losses in market value over the last 10 years. And on the other hand, no less than 52% of time is spent on financial, legal and compliance issues, while such issues only account for 5% of all significant market value losses.
The conclusion is that nowadays risk departments are looking for risks in all the wrong places. In reaction to market turmoil, companies have been increasing their governance and risk management budgets. But an excessive or even exclusive focus on risk prevention and formalized risk management processes has created an unintended consequence referred to as “Organizational Drag”. Organizational drag is a situation of slowed down decision making and execution in organizations, making them less agile and less effective. Many companies have become risk-averse, have duplicated risk efforts in various risk departments, and put too much focus on the risk management process instead of the people who are the biggest source of risk.

Recommended Changes in Risk Management by CEB are:

1. INCORPORATE RISK MANAGEMENT IN STRATEGY FORMATION, establishing a healthy risk appetite.
2. COORDINATE DISPARATE RISK INFORMATION FOR DECISION MAKERS, for example asking operational managers only for what is really needed - and only ask them once.
3. MANAGE HUMAN BEHAVIOR AS PART OF THE RISK MANAGEMENT PROCESS, for example screening people - not just processes - for risk indicators and involving more people in the decision-making and risk assessment process.

⇒ Do you agree that the focus of risk management:

• Has become too operational and process-oriented (financial, legal and compliance issues), and
• Should move from the defense (value protection) to the offense (value creation)?

Thanks in advance for sharing your opinion!

Source: Reducing Risk Management’s Organizational Drag, CEB, 2014.

		Steven Cooke
	Risk Management Misdirection Yes, of course companies should focus on value cre (...)

		Love Lonnroth Management Consultant, Sweden
	Risk Management Should Be Lean or Agile Thank you Jaap for bringing up an important issue. (...)

		Stephanie Dolan Entrepreneur, United States
	The Customers' Trust of your Business Personally, I believe if we tabled just for a mome (...)

		Keatsen LIU Professor, China
	Risk Management not Only an Organizational Drag Thanks for this hot topic. Risk Management is not (...)

		jorge anibal hoyos hoyos Manager, Colombia
	Everybody Must Execute Risk Management At every level, component, procedure into the comp (...)

		Dr Robin C Hesler Canada
	The Organizational Burden of Risk Management The subject refers to "strategic" which means to m (...)

		Juan Manuel Ugarte Professor, Mexico
	Avoid Over-regulation of Risk Management Thanks to the Editor for the discussion of this to (...)

		ELIZABETH DELGADILLO UBALDO Professor, Mexico
	Risk Management Not Only About ISO 31000 It is very important today in all companies that t (...)

		jorge anibal hoyos hoyos Manager, Colombia
	Everybody Must Be Educated on Risk Management I think all people must be taught how to identify (...)

		Barney Wade Howard Manager, United States
	Risk Management is Needed But Not Need not be Complicated Today more than ever this topic is a hot one. Howe (...)

		Juan Manuel Ugarte Professor, Mexico
	Proportionality of Risk Management As I wrote @earlier, criteria such as proportional (...)

		Briolett Manager, Canada
	Risk Management & Business Ethics If businesses acted with integrity there wouldn't (...)

		Kasper Hiddema Student (University), Netherlands
	Best Practices for Dealing with Risk in Organizations Indeed in the wake of a crisis, both regulators an (...)

		Jaap de Jonge Editor, Netherlands
	History of Risk Management in Business Banks Until the 1980s, business and investment ba (...)

		John Maddalena
	Involve Risk Champions in Strategy Meetings for Risk Implications Agree with the views in the topic. While I apprec (...)