Can you spot the shark-like risks in the murky waters of risk management?
Every company has its own version of a shark — something lurking beneath the surface that could be a threat to the organization.
If your business is reliant upon tourism in a beach community, the last thing you want to hear is someone yell, “shark!”
That’s exactly what happened to the Cape Cod tourism industry the past several summers. While your organization might not be threatened by actual sharks, the situation is a metaphor for a larger issue in business. Every company, in every industry, has its own version of a shark — something lurking beneath the surface that could be a threat to the company.
For a logistics business, a “shark” could be a road accident. For a food processing company, maybe it’s a contamination issue. Health care organizations might consider it to be patient safety. Whatever your business is, you likely have your own shark-like risk.
But, in keeping with our metaphor, that doesn’t mean you have to be afraid to stick your toe in the water. The right tools and approaches can help you identify, mitigate, and manage the risks that pose the biggest threats — even the ones that haven’t yet reached the surface.
How to spot the sharks
The business environment has evolved drastically over the past five to 10 years. Remote work is commonplace. We rely on technology to do almost everything. Digital mediums have made it even easier to do business on a global scale. That evolution has changed the risk landscape. Cybersecurity is now a huge issue. Oversight of remote workers and contractors brings new employee laws and conditions into the picture. And business functions dispersed across the globe make it harder to maintain control and transparency into all business activity.
Risk management practices, however, generally haven’t evolved with the landscape. Many organizations are still dependent on traditional approaches, which are unable to assess or address risk on a broad scale because ownership is decentralized. The product team is focused on handling risks most pertinent to their work, legal is focused on ensuring compliance, IT is focused on protecting against cyberattacks, and so forth. With each department using its own methods to track, monitor, and document risks — often using spreadsheets or other static mediums — it’s virtually impossible to get a clear, accurate, and real-timeline of insight into the true impact of risk on global objectives.
Cultivating a risk-aware culture through integrated risk management (IRM) is your best line of defense for mitigating and managing risks both below and above the surface. With the right technology, IRM can centralize risk ownership, pull key insights from all functions, and illustrate the relationships of threats across all departments in a visual and actionable way. By bringing that intelligence together into an integrated view, you can make better decisions and drive stronger risk management performance because the entire company is on the same page and proactively communicating as to where risks lie and the short- and long-term impacts.
Keep the sharks at bay
Consider the health care industry, where patient safety is a shark-like risk. Mitigating and managing this risk starts with a robust patient safety event reporting system. Since you can only fix what you know about, the more safety events you can capture, the better.
Old-school paper-based systems, however, make it difficult to collect and share accurate information. These forms can be hard to find or confusing to complete, which discourages reporting in the first place. Even when an event is reported, the information won’t do anyone any good if it goes into a file or lives in a disconnected system.
Integrated risk management technology makes it fast and easy to report a patient safety event. Mobile access and simplified forms mean more incidents get reported — and the data submitted is both accurate and complete. All patient safety event information is in one place, so you can spot early warning signs and concerning trends. This data then can be seamlessly linked with claims administration, patient experience, peer review, and more for a holistic view of safety and the impact across the board. When you know where your weaknesses are, you can focus your efforts accordingly — and keep those sharks at bay.
Every company has its own shark-like threats circling beneath the surface. And many of these “sharks” have gotten bigger, meaner, and have more teeth. But with the right tools, approaches, and mindset, you will be equipped to keep these “sharks” away from your shores.
Jim Wetekamp (riskonnect@corporateink.com) is CEO of Riskonnect, an integrated risk management software solution provider. Opinions expressed here are the author’s own.
Related: