How to pick the right tools for assessing risk
More and more, organisations are faced with increasing levels of assurance being required around risk management. Many struggle in the defensible and effective presentation of that assurance. One such tool being the risk register and associated risk matrix. This is something I’m particularly passionate about and something I look forward to addressing at the National Risk Management Forum 2017 at the Hilton Hotel in Sydney on Friday, 15 September.
I will be challenging delegates to pick the right tools for assessing their risk, based on the required depth of analysis and the level of assurance required by stakeholders. Sounds easy but it’s not. It’s the first critical step in establishing an effective risk context, and unfortunately one that most people tend to ignore — preferring to go straight to a risk matrix or risk register in a ‘tick the box’ approach — because it's the status quo.
Risk management is about the journey, not the destination. That is, we need to focus on the process of managing risk, over the simplistic presentation of cut and paste data that forms the smoke and mirrors that too often, risk reports represent. True defensibility lies in the intent to reduce risk to as low as reasonably practicable, and having the evidence to support it.
Using a risk matrix and risk register can be highly effective, not only in providing assurance, but also for assisting in making informed decisions — but only when the methodology and process behind the development of these tools and techniques is sound!
For example, is there a direct correlation between your organisation’s risk appetite statement and associated tolerances and the risk criteria used in your risk matrix? Is your risk register designed around the assurance parameters required by the stakeholders wanting the document? Is your register “really” operationally “living and breathing”? I will be working with delegates at the forum to answer, in detail, these questions and more…
Risk management is always evolving, and we need people with the right blend of technical skill, know-how and a deep commitment to the profession. I love helping organisations and industries take risk with diligence, because without it, we stop evolving, we stop dreaming. But the challenge is to ensure these organisations — and indeed risk professionals — take risks with the robust due diligence and defensible practice. Equipped with the right tools and techniques, we can shift our focus back to the real objective, not just pumping out reports for the sake of ticking boxes.
I encourage any professional with operational risk responsibilities committed to fast tracking their professional development to come along to the National Risk Management Forum 2017. You will be face-to-face with the top risk professionals in the country. Take this opportunity to learn from their experience and gain insight into the practical tools you need to help you manage risk in your day-to-day environment. I look forward to meeting you on Friday, 15 September in Sydney.
There’s still time to register — book today!