Senior executives continue to wonder why they are continually
surprised by certain incidents or events that take place within their
enterprise. Operational Risk exposure is hard to manage, without a
robust risk management system that is constantly monitoring the business
environment you operate in and the people that work within that
environment.
If you asked any CEO of a Fortune 500 company about their current financial condition or market position they would be able to answer with confidence and with valid facts and figures to support the statements.
Yet if you were to ask the same CEO, about their current exposure to Operational Risks, you may get a "Deer in the Headlights" look, followed by less than confident facts about their proactive, preventive or defensive strategies to address:
They are continually asking for more effective risk management systems from the organization and the CEO should be well versed in what, where, who and why they are addressing the threats and the likelihood of these events taking place.
The point is, as the CEO you have no idea when the next significant business disruption is going to take place that impacts the organization. Therefore, the CEO and the enterprise must accept the fact that these Operational Risk events are going to occur, and when they do, the CEO must know what to do immediately and who to assist them with the incident before them.
So if this is the case, that you as a senior corporate leader agree that you can't ever know where or when the next threat is going to take place, then the question presents itself, what are you and the enterprise doing "Today" to mitigate the threat or prepare for the response?
You see, every day is a training day and if the organization is not testing itself in some place or some way, the next incident that presents itself could be the final blow. The event that brings the entire enterprise to it's knees or the failure that changes the entire world's perception of who you are and what you represent.
With the stakes that high, wouldn't you want to know what people in the organization are doing each day to manage risks in their business unit, department and section? What are the contingency plans and when was the last time they were exercised? Is once a year enough, based upon the speed of change in your business environment? Maybe not.
Are you Indispensable? To your employees, your shareholders, your customers? The fact is that you and your organization are not as ready as you could be and you are not as indispensable as you want to be.
There are plenty of examples out there on the planet however, that make sense to model or examine and to learn from based upon the way they behave in the marketplace and the value they bring from being so consistent, reputable and resilient to all that the risk environment can throw at them. They are not perfect, but maybe close:
Of the top 25 industrial corporations in the United States in 1900, only two remained on that list at the start of the 1960s. And of the top 25 companies on the Fortune 500 in 1961, only about six remain there today.
Some of the leaders of those companies that vanished were dealt a hand of bad luck. Others made poor choices. But the demise of most came about because they were unable simultaneously to manage their business of the day and to build their business of tomorrow.
Today we take a moment to step back and view the longer arc of history. We’d like to share some of what we have learned—sometimes in humbling ways—on our journey so far.
A century of corporate life has taught us this truth: "To make an enduring impact over the long term, you have to manage for the long term."
If you asked any CEO of a Fortune 500 company about their current financial condition or market position they would be able to answer with confidence and with valid facts and figures to support the statements.
Yet if you were to ask the same CEO, about their current exposure to Operational Risks, you may get a "Deer in the Headlights" look, followed by less than confident facts about their proactive, preventive or defensive strategies to address:
- Governance, Regulatory and Compliance (GRC)
- Employee Ethics, Malfeasance, Fraud and Corruption
- Continuity of Business Systems Operations
- Supply Chain Cyber Resilience
- Litigation and Class Action Suits
They are continually asking for more effective risk management systems from the organization and the CEO should be well versed in what, where, who and why they are addressing the threats and the likelihood of these events taking place.
The point is, as the CEO you have no idea when the next significant business disruption is going to take place that impacts the organization. Therefore, the CEO and the enterprise must accept the fact that these Operational Risk events are going to occur, and when they do, the CEO must know what to do immediately and who to assist them with the incident before them.
So if this is the case, that you as a senior corporate leader agree that you can't ever know where or when the next threat is going to take place, then the question presents itself, what are you and the enterprise doing "Today" to mitigate the threat or prepare for the response?
You see, every day is a training day and if the organization is not testing itself in some place or some way, the next incident that presents itself could be the final blow. The event that brings the entire enterprise to it's knees or the failure that changes the entire world's perception of who you are and what you represent.
With the stakes that high, wouldn't you want to know what people in the organization are doing each day to manage risks in their business unit, department and section? What are the contingency plans and when was the last time they were exercised? Is once a year enough, based upon the speed of change in your business environment? Maybe not.
Are you Indispensable? To your employees, your shareholders, your customers? The fact is that you and your organization are not as ready as you could be and you are not as indispensable as you want to be.
There are plenty of examples out there on the planet however, that make sense to model or examine and to learn from based upon the way they behave in the marketplace and the value they bring from being so consistent, reputable and resilient to all that the risk environment can throw at them. They are not perfect, but maybe close:
Of the top 25 industrial corporations in the United States in 1900, only two remained on that list at the start of the 1960s. And of the top 25 companies on the Fortune 500 in 1961, only about six remain there today.
Some of the leaders of those companies that vanished were dealt a hand of bad luck. Others made poor choices. But the demise of most came about because they were unable simultaneously to manage their business of the day and to build their business of tomorrow.
Today we take a moment to step back and view the longer arc of history. We’d like to share some of what we have learned—sometimes in humbling ways—on our journey so far.
A century of corporate life has taught us this truth: "To make an enduring impact over the long term, you have to manage for the long term."