In today’s business world, organisational risk is virtually unavoidable. Have you found that you are properly assessing and managing risk, or do you feel like you are continuously trying to get control? After all, your risk management strategy influences how your organisation operates. You need to comply with market, legal and regulatory requirements, and expectations. The thing about planning for risk is that it can make us fixate on potential threats.
The consequences of not managing external and internal risk appropriately can have significant consequences for the organisation and for individual executives and employees. The Australian Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry is a perfect example. Not only does the fear of mismanagement strike a chord for executives, but the potential for reputational damage to the organisation and themselves, plus the heavy financial impact.
Feel trapped in a vicious cycle?
Many organisations have found themselves trapped in what I like to call the “risk vortex.” They have lost sight of their main goals and guiding principles and instead become obsessed with risk assessment and risk management.
The risk vortex may start small, but it eventually finds a way to negatively affect the entire organisation. When a company spends too much time and too many resources focusing on risk, it also tends to create a restrictive work environment.
Even with our best of intentions and our decisions to provide structure to reduce the effects of certain types of risks, we find ourselves being exposed to other risks. The introduction of processes, systems, and technology capabilities to reduce risk or human errors can create overhead, as well as frustrate employees and even create a culture of mistrust. At times this can cause more harm than the original threats we hoped to protect ourselves against and can conflict with the values and culture promoted.
One of the types of risks created is ‘disengagement’. Many executives’ associate disengagement with productivity and don’t consider the risk exposure. When employees are disengaged, they are at best satisfied with the bare minimum level of productivity and focus. Which is why statistics shared from Gallup’s recent State of the Global Workplace: 2021 Report, that 80% of workers are not engaged or are actively disengaged, is incredibly concerning.
When it comes to disengaged employees in the context of risk, there are three concerns:
- Lack of attention leads to errors and ‘unintentional’ insider threats, which is the most common type making up two-thirds of incidents.
- A lack of situational awareness, they don’t even see there is a risk.
- A low ‘care factor’ if they do identify a threat or vulnerability, they see it as “someone else’s problem.”
This is why disengagement is so important and why you need to take a person-centric approach to reduce your organisational risk profile.
Escaping the Risk Vortex
The way out of the Risk Vortex is through the power of your people. People can create the greatest risk (inadvertently or maliciously) as well as your greatest opportunity. They are essential to navigating your organisation out of the Risk Vortex.
People are at the centre of all risk as it is their decisions, actions/inactions and ability to touch every aspect of your organisation that can determine the potential value or harm that they can bring.
Your risk management approach must support your employee’s ability to perform their functions. If your measures impede employees, they can become frustrated and creative to find work arounds to complete their work, leaving your business exposed.
By engaging and connecting with your people, the right way, you can empower them to be your organisation’s greatest risk management asset.
People naturally become aware of threats to the things that are important to them. Engaged employees want to protect the well-being of their organisation and colleagues. This desire to protect can provide the opportunity for employees to become human risk sensors – proactively sensing risk by raising their concern that something is not quite right.
When people are not engaged, they might see a potential threat and think it is someone else’s problem.
It is only by focusing on risk with and through your people, that are you going to truly solve your organisational risk exposure, navigate your way out of the risk vortex and drive transformational change.
This article first appeared on CEOWORLD Magazine
For more information on risk management, get in touch with us today!