Every year, we spend billions of dollars on risk management initiatives, often without any subsequent assessment of the effectiveness of those risk treatments.
The volatility of recent years has rightfully called into question the effectiveness of current risk management processes. Investors, regulators, managers and the general public are all seeking greater accountability into both the positive and negative impacts of risk on organizational and societal future performance. The downstream impacts of the Japanese tsunami on the nuclear power industry, the Greek currency crisis, volatility of global financial markets and the rise of China and India are all examples of issues that require nothing but the very best risk management decisions that we can make.
Figure 1: Performance benchmarking doesn't always bring good news
Why bother with benchmarking?
The recent economic downturn has provided numerous examples of poor risk management performance, and the next one will be no different. The speed with which some major corporations meet their demise in each calamity rocks the confidence of investors. In many cases, the public has little if any, warning before the collapse of these organizations. Only when the impact of management mistakes crystallizes on the balance sheet (and when it is far too late to do anything) does the full magnitude of problems become clear.
Making an effort to benchmark can mean the difference between an average performance, or even failure, and a 'best in class' performance.
Figure 2: Some reasons and results why we should bother with Risk Performance Benchmarking
Managers and leaders at all levels are accordingly becoming increasingly accountable to their stakeholders for the delivery of key outcomes most effectively and efficiently. And risk management is no different in this respect.
The release of ISO31000 Risk Management Standard in 2009 heralded a new era of potential standardisation which, among other things, can help organizations measure the quality of their risk management and to do ‘apples to apples’ comparison from year to year or across industry sectors. The first step, however, is to build a risk management performance scorecard and, unfortunately, ISO31000 standard is relatively silent on exactly how to do that.
Being successful in terms of achieving objectives requires thoughtful and consistent optimization of resources and an ongoing process of improvement. Key Performance Indicators (KPIs) and performance scorecards are indispensable tools in this quest to establish, measure and achieve the best possible performance.
Keen to learn more? If this is something you want to delve into further, my book on risk performance benchmarking addresses a number of proven methods, examples and guiding principles for developing effective KPIs and scorecards to support and optimise the management of risks.
It builds on 50 years of experience in building risk management performance in a range of industries. Between us (Julian Talbot and Miles Jakeman), we have built risk performance tools for resources companies in Africa, the aviation sector in Asia, the $30 billion Australian Department of Defence and a host of other organisations. The tips, tools and lessons from these experiences have been condensed into this single practical book. It's almost free and you can find some of the templates on my website for free.
Past performance is not an indicator of future results. Plagiarism is the highest form of flattery. Please feel free to copy and paste as, and when, you see fit. All rights reserved under the International Copyright Conventions. No part of this article may be reproduced, replicated, reiterated, duplicated, retyped, transcribed by hand (manuscript or cursive), read aloud, recorded on audio tape, platter or disk, lip-synched, stored in a retrieval system, or transmitted in any form or by any means, including genetic, chemical, mechanical, optical, xerographic, holographic, electronic, stereophonic, ceramic, acrylic, or telepathic except by people who will use it for the forces of good. It may also be copied by anyone who posts an Amazon or media review (after reading the book painstakingly all the way through before writing their reviews.) without prior written permission from the authors (or the Wizard of Oz if you can't contact us).