Managing Risk, Exploiting Opportunities in a Dynamic Business Environment By: Rose M. Thompson, DBA, MBA, CPA, CGMA
Introduction
T
he increasing uncertainty, volatility, and complexity of the
resilient to change. It is also important for business leaders
global business environment due mainly to geopolitical
in general, and particularly, senior management to develop
tensions, exponential disruptive technologies, cyber
a mindset of thinking strategically about how to manage
threats, regulatory reforms, slowing global growth, money
risks created by the uncertainties in the internal and external
laundering, significant natural disasters, and other emerging
operating environment.
developments create significant potential risks that, if not managed effectively, can negatively impact the ability of
ERM, which is an iterative process involves identifying, assessing,
organizations to achieve their business objectives. This changing
and treating uncertainty and related risks as well as opportunities
risk landscape also presents opportunities that business leaders
that could affect the outcomes of an organization’s objectives.
can exploit to create value for stakeholders. With the increase
Importantly, ERM processes consider risk in the strategy-setting
in frequency, and complexity of risks that organizations now
process and provide the board of directors and managers with
face, it is important to more effectively manage risks while
a better understanding of how risk affects performance. ERM
exploiting opportunities within an integrated risk management
also provides confidence that all levels of the organization
framework.
are attuned to the risks that can significantly impact strategy and performance, and that these risks are being proactively
Although risk management is a proactive process that considers
managed. Leading frameworks such as the Committee of
both upside risk and downside risk, and seeks to minimize the
Sponsoring Organizations of the Treadway Committee (COSO)
impact of uncertainty and negative outcomes while exploiting
framework (2017), Enterprise Risk Management – Integrating
opportunities, its activities are traditionally uncoordinated, ad
with
hoc and siloed. Moreover, risk management focuses mainly
Organization
on operational and compliance related risks, while ignoring
31000:2018 - Risk Management guidelines provide approaches
strategic and emerging risks, the risks most likely to significantly
that can assist organizations to develop the culture, capabilities
impact an entity’s ability to achieve its business objectives.
and practices integrated with strategy-setting in managing risk
Consequently, risk management processes are considered
to create, preserve, and realize value. These principles-based
to be ineffective and not adding value to decision making. As
approaches to risk management are applicable to organizations
organizations navigate uncertainties that create complex and
of all sizes. Although smaller organizations are typically faced
interconnected risks to their business models and operations
with less organizational complexity and bureaucracy, they can
the need for a robust enterprise-wide risk management (ERM)
also benefit from a strategic and structured approach to risk
approach has never been greater. In this dynamic business
management.
Strategy
and for
Performance, Standardization’s
and
the
(ISO)
International
standard,
ISO
environment, organizations need to be more adaptive and Dawgen Global Magazine
19
