In 2009 the article, Top Ten Risk Management Lessons and Trends from 2009, identified 10 risks and trends that were considered critical for organisations across the globe. We thought it was time to revisit these risks to see how applicable they are today.
1. Social networking
Risk Newstand has a dedicated feed searching for social media articles on the web and provides a heat map of articles across the world regarding social media.
The heat map details that the usage by organisations of social media has continued to grow and we are not seeing any signs of this risk diminishing in importance, particularly in the USA and Australia.
Some of the articles included in this feed during 2012 detail that organisations internal policies and procedures are becoming critical components of an effective mechanism to educate and inform their employees about social media and how to use social media, such as LinkedIn, Twitter and Facebook, as a competitive advantage.
We expect to continue to see social networking on the list of key topics for all organisations.
2. Cyber risk
This will forever be a hot topic from a risk perspective. The hackers of this world get smarter ever day and the networks they have established enable the easy sharing of their techniques and tools.
Cyber risk though extends beyond hacking attacks, to include compromises designed to obtain insider information, customer records and details for usage in perpetrating fraud. With all these different types of cyber threats, it is not surprising that this risk is an ever present hot topic.
3. Baby Boomer retirement (knowledge transfer & loss risk)
There have been a number of recent articles such as this recent article in AdelaideNow, “Older workers can fill the gaps“, highlighting the ongoing risks surrounding mature workers leaving organisations and taking their knowledge and experience with them. This knowledge transfer & loss risk could become an achilles heel for many organisations as they continue to deal with economic uncertainty and rising workforce costs. Mature workers could provide the transitional expertise for many organisations to navigate the risks of today and be better prepared for the risks of tomorrow.
4. Regulatory restraints
Organisations will continue to feel and experience the regulatory response to the global financial crisis (GFC) and the commercial events since the GFC for many years to come. Citizens of many countries are now able to be more active through social media, thereby increasing the government and regulatory response pressure. This means that this particular risk remains on the radar for all organisations across the globe.
5. Government privatisation
As detailed in our original posting this is definitely happening but perhaps in a less impactful manner than originally expected in 2009. Therefore, from a global perspective this has probably shifted outside the top 10 for most organisations.
6. Disruptive threats
This particular risk has definitely risen in potential with constant examples of models being changed through disruptive technologies and models. In particular, it is some of the smaller, nimbler players that will have the biggest impact and it is going to be important for incumbent organisations to consider how to stay in the game. To counter this risk we are seeing many organisations developing their own internal “Start-ups” so they can compete in an ever changing environment.
7. Workers’ compensation insurance
As detailed in our original posting, this has not become a significant global risk and therefore would not be in a top 10. Interestingly though, this is a risk that can easily be forgotten in risk assessments and that does make it a potential “blind-side” risk.
8. Medical costs for workers’ compensation
Consistent with the workers compensation insurance risk, this is another risk that would not be in our top 10.
9. Employment litigation
This is probably an ongoing “watch list” risk rather than a top 10 risk. Litigation in general, particularly in times of economic stress, can become a mechanism utilised to achieve organisation instability. This is particularly evident in the technology industry at the moment. From an employee litigation perspective, this is currently not a key risk but is once again a risk to always keep in mind.
10. Conduct Risk
We have renamed this risk from 2009 from “The employee non-disclosure risk” to conduct risk. This is the eternal risk for all organisations, as every day decisions and processes occur and therefore process errors are made. Human beings respond to their surroundings and the organisation culture in how they deal with these events. Every organisation must ensure it understands that errors happen and people may try to hide what they have done. This is even more present in cost reduction times where employees feel insecure in their roles. The focus must be on providing assurance over key activities/controls from a risk perspective, encouraging and rewarding escalation of incidents and issues, and employee education on culture and behaviour.
In addition to the 10 risks detailed above, we considered two additional risks in the 2009 article.
11. Human carelessness
As detailed in 2009, although we have moved to a world of computer automation humans are still involved in almost every process. Therefore the risk of human carelessness increases in proportion to the automation of activities, the expectation of multi-tasking and the merging of personal and work life. In 2012 this risk has only increased in probability.
12. Innovation for innovations sake
In 2009 we highlighted a fear that organisations change & innovate almost everything because it is fashionable rather than for a true customer purpose. This type of innovation creates risks on the operations of the business as well as the customer experience and employee frustration. In 2012 the continual pressure to innovate, simplify and improve processes, particularly to reduce cost and wastage, increases the ever present risk of error and failure. Organisations must manage the expectation of change with a balanced approach to manage the business risks associated with that change.
So, in four years what have we learnt?
The analysis we did on an article on the Top 10 Risks and Trends for 2009 could just as easily be an analysis of the top risks for 2013! Risk management may be evolving but it is clear that the risks faced by organisations across the globe are ever present no matter if it is 2009 or 2013.