Implement a Simplified But Effective Risk Management System

This is the only practical risk management course that seeks to equip you with essential how-to knowledge to develop a simplified but effective risk management system, especially for small-sized organisations or entities. This course sets out the step-by-step simplified approaches and practical considerations for developing and implementing your organisation’s customised risk management system without over-engineering it.

At the end of the course, you will acquire practical but relevant information that will enable you to develop and implement your organisation’s simplified risk management system with minimum effort and with maximum results and outcomes.

This course has been developed based on my in-depth experience working alongside small-sized organisations that have often struggled with putting in place the right-sized risk management practices that are effective and do not take up too much of their time and resources.

What I have often seen (and read) is that many smaller organisations implement the ‘standard’ risk management practices that are commonly found in larger organisations without much thought or understanding as to whether it is fit-for-purpose, and whether it is effective and efficient.

Unfortunately, many of these smaller organisations, especially not-for-profits, adopt these risk management ‘standard’ practices without fully understanding the essence and purpose of risk management, which is to increase the likelihood and extend of their organisational success, and to achieve organisational objectives within their given limited resourcing level.

I am conscious that these small organisations do not have dedicated staff to do risk management.

Instead, identifying and managing their risk, whilst it is an important management practice, is a small part of many other management actions they have to do as part of their everyday work. In most cases, many small-sized organisations do not have money to hire people to do their business-as-usual work.

To overcome many of the issues and challenges faced by small-sized organisations in implementing a robust but effective risk management system that does not take up too much time and effort, I have developed a strategic risk management approach that is both effective and simple.

Let’s avoid over-engineering things. Life is already over-complicated that it has to be.

Having a ‘complicated’ or ‘off-the-shelf’ risk management practice is like using a mallet to kill a fly. And I see it all the time. It is truly a waste of time, a waste of precious limited organisational resources.

The key to implementing a successful and effective risk management system is to ruthlessly implement additional treatments that will only increase the likelihood and extend of their organisational success and achieve organisational goals.

Many organisations that I have been involved in as an independent member of their risk committee, as a board member, and have seen through my advisory work have put so much effort into documenting their risks in a risk register as a compliance exercise that they have neglected the essence of risk management, that is being successful.

There is no discipline in ensuring that additional treatments are implemented within the stated timeframes. There is no simplified way of ensuring that their organisation achieves their stated objectives within the clear boundaries of risk-taking and opportunity-seeking, which is their risk appetite and risk tolerance.

Many organisations have also struggled with articulating and applying the concepts of risk appetite and risk tolerance in their organisation.

Therefore, it is pointless to have a ‘great’ documented risk register with lots of nice or fluffy words when it does not do its job of mitigating the identified risk to an acceptable level of risk tolerance.

There is poor execution and completion of the proposed mitigation actions, which only leads to poor organisational performance.

The only way we know whether an organisation is doing effective risk management is when the organisation is successful and achieves its stretched goals and objectives. Given that risk management is an objective-focused concept, your discussion of organisational performance and risk information must go hand-in-hand.

Great organisational performance must be conducted within the clear boundaries of risk-taking and opportunity-seeking. There is nothing wrong with having lots of critical risks that are well managed in a well-performing organisation.

The reality is that many of the risks documented in risk registers are common risks that organisations may face. There are not many unique risks that would require a new description or analysis.

For me, there is enough historical information available to tell us not to reinvent the wheel in spending too much effort on the content of the risk register, but focusing instead on the actions arising out of documenting, mitigating the risk, and performing well within the boundaries of risk-taking and opportunity-seeking.

Instead, the critical success factor of any risk management action is to focus on action-taking.

The key is to implement all planned or additional treatments to mitigate the risks, commencing with those treatments that are related to the highest level of risk. It requires organisations to ruthlessly implement mitigation actions and religiously track the implementation progress of all proposed treatments, especially those that relate to issues, or known events that is currently in play.

It is pointless to document proposed mitigations actions in risk registers when there is no discipline in completing their implementation. The level of risk will not be reduced with poorly executed treatment actions.

Organisational risk registers should document only effective controls that matter most to either mitigating a downside risk or maximising an upside risk or opportunities. These controls must also be actionable or controllable for the organisation to achieve its objectives.

To be successful in creating an effective risk management system that enables your organisation to achieve its objectives within the boundaries of risk-taking and opportunity-seeking, you need to try a different approach by having a renewed mindset. You need to be creative in your approach to risk management if you want to achieve your objectives.

As the saying goes, “Insanity is doing the same thing over and over and expecting different results.”

If you are expecting a better outcome, I have provided you with the framework and guidance for you to think strategically without wasting any more time and effort. All you need is a renewed mindset to develop something implementable for your organisation, rather than seeing risk management as a compliance exercise.

If you forget everything you have read, remember this – effective risk management will enable you to be successful. It will help you achieve your objectives by implementing the right-sized actions to keep you on track to achieving your objectives.

When you enrol in the course, you will also get a template of a complete risk universe and sample likelihood and consequence rating tables for small-sized organisations in MS Word format.

Who this course is for:

• Board members and CEOs who want to simplify their risk management system and to achieve their objectives and become successful within acceptable boundaries of risk-taking and opportunity-seeking
• People who are struggling or have struggled with implementing an effective risk management system that works in their organisation
• People who want to try something different to revitalise their risk management system
• People who don’t have a lot of time or resources to implement and maintain an effective risk management system
• People who want to simplify their risk management system
• People who want to improve organisational performance through better risk management
• People who are responsible for developing or implementing a risk management system that works
• Risk management professionals who want to improve their current risk management system
• Risk management professionals who want to improve their organisational performance through better risk management