New Manager

Risk Management: Learning to tackle operational surprises

Sivanesh Rajendran | Updated on January 24, 2018 Published on June 23, 2015


Knowing what can go wrong is key to getting things done right

Whenever you see a fatal road accident, do you strap up your helmet or feel this can never happen to you? If you do feel so, you are definitely from a world where ignorance is bliss. In this fast moving world, no one is immune to disaster.

This is true with any business enterprise. In order to be a successful, you need to take risks. That does not mean you should take blind risks; business is all about making informed decisions.

If this sounds familiar, then welcome to the world of enterprise risk management. Every leader, who understands this very nature of business risks, always craves to avoid operational surprises. So how do you channel your efforts to avoid operational surprises?

Every organisation needs to embrace a culture of risk management; just like the culture of TQM, TPM and Six Sigma that transformed the manufacturing sector.

The intelligence of what could go wrong helps getting the right things done.

Organisational culture

An organisational culture of openly talking about risks should be promoted. The thought of considering risk management as a cult of pessimism needs to be grandfathered. A risk-aware organisation has a better understanding about its strength and weakness.

It, however, is not the job of a few individuals at the corporate office. It is the responsibility of each and every individual.

Business users should be trained to consider risk in every activity. Even if the organisation has a designated Chief Risk Officer, he can at the most perform the role of a coordinator to standardise the process. The responsibility to identify and mitigate risks should always rest with business users, since they are the experts of their own process.

In many high-profile scandals, it has been found that people engage in malpractices not to financially defraud the organisation, but to show better performance. The possibilities of performance-related malpractices can be reduced through — Specific, Measurable, Achievable, Realistic and Timely (SMART) goal setting. The culture of looking at failure as an embarrassment needs to change. If there were SMART goals and an opportunity to improve, many of these malpractices would not have happened.

Promoting accountability

Apart from intentional fraud, most other operational surprises are due to oversight, negligence or lack of awareness.

Institutionalising a system of self-audit and self-assessment will promote voluntary compliance and accountability. A neatly designed self-assessment check list should bring out the regulatory and business requirements in a clear and concise manner. A system of self-assessment provides the opportunity of a business issue getting rectified before it goes overboard.

Stakeholders should not be penalised for issues brought to notice through self-audit/self-assessment, rather they should be given the opportunity to rectify. The composition of the organisation’s internal audit team needs to evolve with the business environment.

Moving away from the traditional job description of an internal auditor, the internal audit team should also comprise of engineering, IT and operational experts rather than just finance and audit experts. This is because the focus areas for internal audits are evolving beyond traditional business processes. Niche areas like cyber security and product lifecycle management are also responsible for business surprises as in the case of GM’s India unit violating vehicle emission norms. The Internal audit function within the organisation should be independent and objective. Though the business inputs may be considered, scoping of audits and audit plans should be the prerogative of the Chief Audit Executive as well as the Audit Committee.

The Chief Audit Executive must report to a level within the organisation that allows the internal audit activity to fulfill its responsibilities. The internal audit team should never assume responsibility for implementing a remediation action plan. All these independence requirements ensure that quality audit issues are brought to the notice of the senior management before they become surprises.

Whistle blowers

The most collusive and structured frauds have been brought to notice not because of internal/external audits but through some sort of internal leads. However prudent and diligent the audits, there is still a possibility of structured frauds surviving for years. This necessitates the need to have an efficient whistle blower system. This could be IT driven or manual.

Leads on fraudulent events need to reach the right individual within an organisation before it becomes public. The individual designated to operate the whistle blower system should be a person of high standing and integrity.

The identity of the whistle blower should remain anonymous. The leads gathered should be subjected to an impartial investigation before disciplinary action. This boosts the confidence in the system and ensures that even if the event does go public, the organisation will be better prepared.

There is no panacea to avoid surprises, but little improvements to governance go a long way in reducing the risk.

The writer is a Governance, Risk and Compliance Consultant at the Enterprise Risk Management Practice of Robert Bosch

Published on June 23, 2015

A letter from the Editor

Dear Readers,

The coronavirus crisis has changed the world completely in the last few months. All of us have been locked into our homes, economic activity has come to a near standstill. Everyone has been impacted.

Including your favourite business and financial newspaper. Our printing and distribution chains have been severely disrupted across the country, leaving readers without access to newspapers. Newspaper delivery agents have also been unable to service their customers because of multiple restrictions.

In these difficult times, we, at BusinessLine have been working continuously every day so that you are informed about all the developments – whether on the pandemic, on policy responses, or the impact on the world of business and finance. Our team has been working round the clock to keep track of developments so that you – the reader – gets accurate information and actionable insights so that you can protect your jobs, businesses, finances and investments.

We are trying our best to ensure the newspaper reaches your hands every day. We have also ensured that even if your paper is not delivered, you can access BusinessLine in the e-paper format – just as it appears in print. Our website and apps too, are updated every minute, so that you can access the information you want anywhere, anytime.

But all this comes at a heavy cost. As you are aware, the lockdowns have wiped out almost all our entire revenue stream. Sustaining our quality journalism has become extremely challenging. That we have managed so far is thanks to your support. I thank all our subscribers – print and digital – for your support.

I appeal to all or readers to help us navigate these challenging times and help sustain one of the truly independent and credible voices in the world of Indian journalism. Doing so is easy. You can help us enormously simply by subscribing to our digital or e-paper editions. We offer several affordable subscription plans for our website, which includes Portfolio, our investment advisory section that offers rich investment advice from our highly qualified, in-house Research Bureau, the only such team in the Indian newspaper industry.

A little help from you can make a huge difference to the cause of quality journalism!


Support Quality Journalism
This article is closed for comments.
Please Email the Editor
You have read 1 out of 3 free articles for this week. For full access, please subscribe and get unlimited access to all sections.