A strategic view of holistic risk management

Achieving a holistic and strategic approach to risk management requires a number of organisational measures. Holistic risk managment , written by The Economist Intelligence Unit and sponsored by SAP, investigates the organisational measures companies must take to address the totality of the risks they face.

“Every company in every industry in every country is at the risk of being disrupted or supplanted—like Blockbuster or BlackBerry,” says Michael Kearney, national managing partner of strategic risk services at Deloitte. While it can be difficult to engage senior executives in conversations about individual risks such as succession planning, “there’s not a CEO in the world who doesn’t want to talk about disruption”.

They are right to be concerned. According to the Corporate Executive Board (CEB), a member- based advisory company, 86% of the most damaging risks to shareholder value over the past decade have been strategic risks, such as competitive incursions and falling demand for core products.

Most companies are not equipped to handle these strategic risks, the CEB reports. They may not understand how to audit them, and responsibility for individual risks—such as legal, audit, cyber security and safety—is divided among separate divisions. Even different functions within risk-management departments have their own separate duties.

As a result, there is confusion as to which department is accountable for which risks, and senior managers are forced to wade through numerous, often contradictory reports with
no clear coherence or prioritisation. This slows the process of making strategic decisions and creates a drag on growth, according to the CEB. A survey it conducted in 2014 showed that 91% of organisations are therefore planning to reorganise their risk-management approach.

There is evidence that a holistic and strategic approach to risk management pays off. A
2015 PwC survey “Risk in Review,” shows that over the past three years, 55% of companies deemed leaders in risk management recorded increased profit margins, and 41% achieved an annual profit margin of more than 10%. “When companies focus on this, they have an edge,” says Brian Schwartz, who leads the US governance, risk and compliance practice at PwC. “There is a strong linkage with aligning risk management and strategy to driving performance.”

But achieving a holistic and strategic approach to risk management requires a number of organisational measures. As this report explains, the aim of these measures is to improve cross- organisational communication and to link risk- management controls to the strategic objectives of the company.