Risk management can easily become a money pit of time, expense, and resources. Many organizations have spent millions just trying to get to a point of relative security and planning, only to find that they are in fact underprepared for some eventualities. This article by Michael Herrinton looks at what maturity looks like in practice, citing top performing companies and what separates them from the rest of the pack: setting risk strategy, embedding risk management, optimizing risk functions, and improving controls and processes:
Following in the footsteps of top performers in these four key areas is not easy. Little will happen without the right tone from the top and the commitment to change the culture of the business. Senior executives will need to change the way they incorporate risk considerations while making key business decisions. They will need to communicate openly with all stakeholders about what that change looks like and what it will mean. And most importantly, they need to be consistent and hold the organization accountable for risk management in all they do. For companies looking to take their risk management practices to the next level — to reach beyond compliance to address the issues that can add strategic business value — there is no better time. It will take a multi-pronged effort, but companies that choose to move their risk management practices up on the maturity scale have an opportunity to boost profitable growth and outperform their peers.
Will it be easy to institute the four key areas mentioned in the article? Probably not, but keeping them in mind whenever you have the time and resources available to revamp your risk management will certainly give you a head start on increasing the maturity level of your risk management processes.