Organizations need an agile response to unexpected risks

By | 9:13 PM Leave a Comment

The average $5 billion company incurs delays of roughly 5 weeks per year in new product launches due to missed risks, with a $99 million opportunity cost, according to Gartner.

unexpected risks

Opportunity costs from missing risks

A survey of more than 382 strategic initiative leaders quantified the cost of missing risks in strategic initiatives. For an average $5 billion revenue company it amounts to $99 million annually in opportunity cost from delayed new product launches alone. Initiatives where unexpected risks are not surfaced and mitigated in a timely fashion are delayed by an average of five weeks per year.

Moreover, in a related survey of 111 emerging risk management (ERM) leaders just 6% felt that their organization’s risk response was timely during strategic initiatives.

“These findings show that risk response usually is not timely,” said Emily Riley, senior principal, research in the Gartner Audit and Risk practice. “But they also show the huge cost of an untimely response. The recent COVID-19 pandemic illustrates the need for an agile response to unexpected risks.”

Benefits of a timely risk response

Experts looked at how strategic initiatives performed against several measures and how this was affected by the timeliness of risk responses.

“The performance benefits of a timely risk response stand out clearly,” said Ms. Riley. “There’s a business opportunity here because ERM leaders expressed their desire to be more involved in supporting strategic initiative success.”

Seventy six percent of ERM heads said they wanted to increase the proportion of their time they spend on strategic initiatives. More than half said that their involvement should come at the earliest stages of a strategic initiative. Yet currently just 11% feel they are involved before an initiative’s execution.

Unexpected risks and information roadblocks

“The problem we often see is initiative teams are not getting the information they need to act on risks in a timely manner,” said Ms. Riley. “This is one area where ERM teams can add value.”

This can have several root causes. Sometimes many individuals are involved in an initiative without clear accountability to one another. There is also often a sensitivity to candidly sharing information about threats to high stakes projects. Another common cause is a focus on performance metrics that overshadows forward-looking considerations.

“ERM’s role should be to connect initiative teams with subject matter experts, to facilitate opportunities for anonymous sharing of concerns, and to develop risk indicators that consider leading indicators of project success,” said Ms. Riley.


from Help Net Security https://ift.tt/3ePBFbk

0 comments:

Post a Comment