Observations of Risk Management Maturity – from First Attempts to High Reliability Organisations

http://laborlawyerkc.com/contact/ This post presents a reflection on the journey of a business from first attempts to best practice risk management.  It is drawn from Peter’s observations of companies over a 25 year period – and is prepared in the hope that decision making teams can identify where they are on the journey and identify a good pathway forwards for their businesses.

http://humanreconstruction.com/could-there-be-dangerous-chemicals-in-your-drinking-water/ The interactive graphic below shows this maturity pathway – run your mouse pointer onto each point to activate the hot-spot – which will open up an explanation / provide more data on the key points.  You can click here for another version of the graphic.

go here The key points in a concise list are:

  • Identification – decision makers identify that too many things are going wrong and can’t be managed just by having good people on board.  This aligns with the Vulnerable / Reactive steps in other models;
  • Resistance – the risk approach is seen by people in the business as another improvement initiative in a long line of similar adventures – an additional point it is the point where there is push back against the attempted change to a risk aware organisation;
  • Overload – everyone embraces the benefits of understanding and controlling risk – and work diligently to identify more and more problems with more and more required solutions (controls and actions).  This aligns with the Compliant phase of other models – and is the start of generating large volumes of documentation – which generally makes commitments to do more than is possible;
  • Restart (Repeats) – the whole system becomes unworkable so a task force is put together to try and solve the problem.  This is a step in most organisation’s journey – with lots of discussion and best practice discussions occurring – but the generally observed output of the process is a new risk assessment tool and replacement of the incident database – two activities which reset the organisation to commence back towards over-load but do little to “clean up” the body of commitments already generated;
  • Critical Controls – are identified as a potential way out of the risk soup that has been created – but their selection is typically intuitive.  This lines up with the Proactive / Resilient phases in other models – and is definitely a step forwards but still leaves many exposures in the compliance and traceability of documents;
  • Data Focus – the incidents, near misses and problems collected as part of implementing a risk management approach is information rich – and is now accessed in a way that yields the most value, until finally the whole combines in;
  • Pathways – which crystallize all the myriad of data points into powerful models for how the business could end up suffering a loss, provide a manageable suite of controls with critical controls highlighted and supported and are “fact backed” so that decisions made have the best chance of success in avoiding high consequence losses – keep an eye on this blog for more documentation on data focus and risk pathways which are a major focus for the ORM team with their clients at the moment.

average cost of viagra per pill It would be remiss of me to not offer to assist you in understanding more about this model – so please feel free to contact me for more information and expansion on these points.


Leave a Reply

Your email address will not be published.