Risk management has never been as important as it is now, due to the massive disruption to businesses and economies caused by the coronavirus crisis.
According to Atul Vashistha (pictured), founder and chairman of Supply Wisdom, many risk management programs were ineffective even before the pandemic, yet some organizations still insist on using them.
“Pre-COVID risk programs were periodic and reactive in nature – meaning they gave the client a view into the inherent risks of a third-party at a single point-in-time with no early warning,” Vashistha told Corporate Risk and Insurance. “Unfortunately, with this approach, the data quickly becomes stale or even misleading. And without an early warning of risk events, efforts are too late to effectively mitigate risks and avoid costly business disruptions.”
He added that these practices also focused on risk across a limited risk aperture and ignored threats around solutions maturity, clients, governance and more. They also did not take into account location-based risks, which were especially important throughout the pandemic.
“Organizations insist on relying on these outdated risk practices because risk leaders are resistant to change,” Vashistha said. “They fail to understand that new risk solutions – because they are leveraging automation and big data – are actually more effective and cost efficient than their old solutions.
“Adopting new approaches and a new model requires reengineering of their existing processes and has the potential to require changes to their talent mix. The resistance to adoption is that you have to create buy-in from all the groups within the organization. The only way to overcome this is for senior leadership to sponsor the change because they want to see it happen.”
A continuous approach
To adapt to changing times, business leaders must update their risk management approaches, taking into account the various learnings the pandemic has brought to light.
According to Vashistha, leaders can modernize their risk management by adopting a continuous approach. This will allow for early warnings of any changes in the risk environment.
“In order for this to be effective, businesses need to widen the risk aperture to include location-based risk monitoring and other third-party risk categories such as governance, people, compliance, clients and solution maturity to ensure that they see risk coming, no matter the source,” he said.
Businesses must adopt automation and other new tools and services that enable the transformation of risk data into actionable intelligence. This intelligence, he said, will drive efficient and effective risk management decisions.
“Many leading brands are establishing a permanent, proactive risk management program like a risk operations center to continuously monitor for changes and events, assess potential impact, plan risk mitigation actions, track incident resolution and identify risk trends.”
Atil Vashistha founded Supply Wisdom in 2012. He also serves on the boards of the US Department of Defense Business Board (vice chair), IAOP, Shared Assessments, and Zemoga. He has authored three books: The Offshore Nation, Globalization Wisdom, and Outsourcing Wisdom