In business, risk is like cholesterol. There are good and bad strains. Just like in health news, where bad cholesterol makes the headlines, the negative risks that face large organizations dominate — from cybersecurity threats and widespread employee misconduct to the latest round of geopolitical instability. Senior executives, as a result, tend to focus much of their attention on these negative events to the detriment of their growth ambitions.
“They oftentimes feel the need to play it safe either because they are overwhelmed by too much information or because they overweigh the risks attached to big decisions,” says Matt Shinkman, risk practice leader at CEB, now Gartner.
Expanding an organization’s risk appetite may be an unfamiliar role for some CROs
Chief risk officers (CROs) and other enterprise risk management (ERM) leaders are in a position to ease these concerns and join in with corporate strategy to help colleagues gain greater confidence in high risk and reward projects.
Read more: Efficient Growth: The New Finance Mandate
Position ERM competencies early
Expanding an organization’s risk appetite may be an unfamiliar role for some CROs. Attempts to allay corporate risk aversion have been widespread since the early days of recession recovery. Unfortunately, many of these conversations have happened within functional silos. The results are redundant surveys, ineffective templates and disengaged leaders unaware of the trade-offs needed to allocate capital to bigger, riskier investments that support current and future growth potential. This is what CEB, now Gartner, calls making “growth bets.”
To become an effective partner, CROs must position ERM capabilities early in the strategic planning process to assess the company’s range of growth ambitions. ERM leaders can then formulate risk implications for the stated growth goals and provide feedback to partners in finance and strategy.
CROs should also align the ERM team’s calendar with that of the strategy team. This ensures ERM planning is concurrent with the strategic planning process. Having assessed the full scope of growth ambitions across business units, the CRO is then in a solid position to lead a discussion on the risks associated with major growth bets. This discussion must focus on both positive and negative types of risk.
CROs have a key role to play in getting colleagues comfortable with the good kinds of risk
Providing a detailed understanding of these risks gives strategy the permission to think big and finance to fund big. However, even the most detailed discussions also require guardrails to keep initiatives within parameters that are realistic to the firm’s current financial state. Below are two tactics companies in the CEB, now Gartner, network have used with success.
When the strategy team of one banking company struggles to get a proposal approved, its ERM team introduces a decision tree tool to help bring clarity to the situation. When the time is right, the ERM team provides resources to help strategy collect risk information, set up a risk mitigation dashboard and review the plans. The ERM team will then sign off on these plans, which lets decision makers know it has vetted the proposal’s risks. The end result: Top executives cut the time used to debate the downside risks of a new project in half.
The ERM team of one large technology firm creates “safety nets” for projects that include project-specific metrics, metric trigger points that signal something has gone wrong, and contingency plans if the initiative hits those trigger points. Decision makers, now presented with ways to track and mitigate a risky initiative, feel more confident in making decisions and moving projects forward. This type of visibility and pre-planning helps executives feel they can comfortably look away until their attention is actually needed.
CROs have a key role to play in getting colleagues comfortable with the good kinds of risk. When these leaders take the right steps to get involved early in the strategic process, create partnerships across functional lines and enable real-time risk guardrails, they can help their colleagues make the most informed growth bets.