New Strategies for Managing Risk are Mandatory in Today’s Business Environment
Published: Feb, 2016 in industryweek.com
By: Srini Ramabhadran and Mieke Jacobs
Risk-based planning is a familiar concept for most companies. Many business leaders realize that the right operational risk management (ORM) system helps to lower operating and auditing costs, reduce operating loss, increase customer and staff satisfaction, optimize insurance coverage and premiums, and promote compliance with regulatory requirements. Also, the operational discipline cultivated as part of an effective ORM system allows leaders to maintain consistency and reliability while maximizing efficiencies throughout their manufacturing and production processes. But recognizing the importance of risk management doesn’t always translate to having an effective strategy or system in place. Adopting a strategic approach to ORM can ensure the optimization of resources while maximizing risk reduction. Not all ORM strategies are the same, nor should they be. Organizations must develop a strategy that complements their business model and operations. This requires a solid understanding of the specific risks they face, as well as the people they employ, and then fully integrating the system into the company’s day-to-day operations.
Risk Is Not Universally Defined
Risk is assessed by evaluating the potential for incidents along with the degree of impact they could have on an organization should they occur. That means enterprises face a wide spectrum of potential risks, ranging from high frequency/low severity risks to low frequency/high severity risks, and everything in between. The range of risks may vary between one company and another depending upon several factors, such as physical location, prevailing culture, competency and operating discipline. Given the wide range of potential risks and a limit on the resources that a company can devote to risk management, it makes sense to adopt a strategy that assigns appropriate effort to potential risks. There is no one- size-fits-all approach to mitigating the risks a company faces, and it is simply not practical to address all risks with the same level of intensity.
Companies have had success adopting what dss+ refers to as a “differentiated risk” approach. This strategy ensures that appropriate effort and resources are expended based on the specific risk profile of the industry and business in which a company operates. This results not only in optimal risk management for an organization, but also ensuring value for the investment, giving companies a competitive advantage in their business sector (see figure 1 on the PDF). Successful ORM lies in identifying, evaluating and controlling losses and differentially managing associated risks.
Understanding the Human Element to Risk
Despite the well-intentioned efforts around risk management systems and organizational work processes, incidents can still happen. That’s because people design, operate and maintain an organization’s assets, fleets, and equipment – and people aren’t perfect. dss+ research shows that 82 percent of incidents within the workplace can be attributed to poor decision- making. One way to reduce incidents is to understand what influences employees’ decision making.
Companies can enhance safety performance in particular by understanding the behavioral characteristics of their workers. Employees make decisions based on what they think and feel. There is also a social context that factors into decision making, which includes the social norms and unwritten rules that influence an individual’s or team’s behavior. Understanding mindsets and behaviors can help companies create a performance culture that can achieve superior results. Often, the impact these behavioral contexts has on outcomes is significantly undervalued.
Integration is Essential
When managing operational risks, it is tempting to assign only technical solutions to problems or risks that arise. However, an exclusive focus on worker and process safety elements is inadequate. And while companies that actually consider behavioral impacts on incidents and focus on managing and reducing risk rather than simply driving compliance to systems or procedures are the most effective, neither technical solutions nor behavioral solutions alone are sufficient to fully address operational risks. What is optimal is an integrated approach (see figure 2 o the PDF) that addresses all the elements of a successful ORM system:
This integrated approach allows companies to protect their people, their assets and ultimately, their bottom line.
The Goal – Cultural Maturity
For an organization to perform at the highest levels in the context of risk management, each and every employee, from the C-suite to the shift worker, must possess a commitment to operations that go beyond merely reacting to incidents to actively preventing them. Achieving this cultural maturity is the true measure of the strength and effectiveness of a company’s integrated management system.
When DuPont experienced a plateau in corporate safety performance in the early 1990s, then- Chairman and CEO Ed Woolard commissioned a study that found the maturity of the safety culture at DuPont had a direct impact on safety performance (as measured by total recordable injuries). This relationship came to be illustrated in the dss+ Bradley Value Curve™.
In the last two years, our experience with clients has shown that companies that have evolved toward a more mature risk culture of interdependence reap the dual benefits of reduced incidents and improved productivity. They are able to mitigate risks while maximizing opportunities for sustainable value creation. They also are able to allocate appropriate time, attention and resources to deliver improved performance. Based on these findings, we’ve developed the DuPont™ Bradley Value Curve™ that adds the Dimension of operational excellence and provides a more holistic picture of the impact cultural maturity can have on productivity (see figure 3 on the PDF).
Seven Steps to a Successful ORM Program
Today, companies that want to deploy an effective ORM program face a number of headwinds. In recent years, rapid shifts have occurred in the operational landscape of many organizations, particularly those in the industrial sector. Companies are now more global than ever with larger and more complex supply chains. They need to manage an expanding list of regulatory requirements, and the explosion in social media means their activities are scrutinized more closely than ever before.
Most notably, it is increasingly difficult in today’s environment for organizations to secure adequate funding necessary to ensure their ORM strategy continues as an ongoing program. Research recently conducted for dss+ by independent consulting firm Verdantix found roughly two out of every three organizations (65 percent) claimed lack of available budget was a significant barrier to securing funding for ORM programs.
Based on this research, in which 75 senior leaders across eight industry sectors spanning 10 countries were interviewed to determine their perceptions of ORM strategies within their organizations, dss+ recommends seven steps companies should follow to implement a successful ORM program:
Developing effective ORM programs to successfully mitigate risk should be a priority in today’s competitive business environment. It requires that companies not only structure a program that is unique to their business operations and engrained into the day-to-day activities of every employee at every level of the organization, but also that enterprises make an ongoing commitment to ORM despite the many challenges they currently face. Companies that adopt a long-term view and take the necessary steps to implement ongoing ORM programs today will reap the benefits of a safer and more successful organization in the future.