Risk management is an easy enough concept for most—the process of identifying, assessing and controlling threats to an organization’s capital and earnings. But perhaps it is because it seems so simple, that many companies fail to successfully manage their risk.
Here are 3 common risk management failures and the warning signs:
1) Unnecessary risk taking
Reckless risk taking is when parts of the organization are taking chances on decisions that the board of directors or executive management neither understand nor approve. Companies need to better understand more disciplined risk taking during periods of rapid growth and favorable markets. Management’s reliance on decision-makers without limits, checks and balances and without independent monitoring and reporting is not a smart move, as is not understanding the risks inherent in their activities.
2) Inefficient or nonexistent risk assessment
This mistake happens when risk assessment activities are not identifying the critical enterprise risks effectively, efficiently and promptly. Often times, nothing is happening after a risk assessment is completed, beyond sharing the most current list of risks with company executives.
3) Believing an inability to measure means inability to manage
Many believe that if they cannot measure risk, they also cannot manage it. This is not an excuse to do nothing in terms of understanding and addressing risk. Because inability to measure a risk will not make it go away, it is important companies have an improved understanding, awareness and resulting communication of the risk to better monitor it.
Even with advanced technology and better understanding of risk assessment and prioritization, there are still many obstacles to managing risks effectively. Here are a few more obstacles involved in risk management and tips on how your business can overcome these.
I totally agree with this post. As a computer-based panic button system company, I deal with this issue often. It saddens me to know there are so many companies out there that are unprotected. What’s worse is most do not consider any of these security initiatives a priority.