Implement a Simplified But Effective Risk Management System

This is the only practical risk management course that seeks to equip you with essential how-to knowledge to develop a simplified but effective risk management system, especially for small-sized organizations or entities. This course sets out the step-by-step simplified approaches and practical considerations for developing and implementing your organization's customized risk management system without over-engineering it.

At the end of the course, you will acquire practical but relevant information that will enable you to develop and implement your organization’s simplified risk management system with minimum effort and with maximum results and outcomes.

This course has been developed based on my in-depth experience working alongside small-sized organizations that have often struggled with putting in place the right-sized risk management practices that are effective and do not take up too much of their time and resources.

What I have often seen (and read) is that many smaller organizations implement the ‘standard’ risk management practices that are commonly found in larger organizations without much thought or understanding as to whether it is fit-for-purpose, and whether it is effective and efficient.

Unfortunately, many of these smaller organizations, especially not-for-profits, adopt these risk management ‘standard’ practices without fully understanding the essence and purpose of risk management, which is to increase the likelihood and extend of their organizational success, and to achieve organizational objectives within their given limited resourcing level.

I am conscious that these small organizations do not have dedicated staff to do risk management.

Instead, identifying and managing their risk, whilst it is an important management practice, is a small part of many other management actions they have to do as part of their everyday work. In most cases, many small-sized organizations do not have money to hire people to do their business-as-usual work.

To overcome many of the issues and challenges faced by small-sized organizations in implementing a robust but effective risk management system that does not take up too much time and effort, I have developed a strategic risk management approach that is both effective and simple.

Let's avoid over-engineering things. Life is already over-complicated and it has to be.

Having a ‘complicated’ or ‘off-the-shelf’ risk management practice is like using a mallet to kill a fly. And I see it all the time. It is truly a waste of time, a waste of precious limited organizational resources.

The key to implementing a successful and effective risk management system is to ruthlessly implement additional treatments that will only increase the likelihood and extend of their organizational success and achieve organizational goals.

Many organizations that I have been involved in as an independent member of their risk committee, and as a board member, and have seen through my advisory work have put so much effort into documenting their risks in a risk register as a compliance exercise that they have neglected the essence of risk management, that is being successful.

There is no discipline in ensuring that additional treatments are implemented within the stated timeframes. There is no simplified way of ensuring that their organization achieves its stated objectives within the clear boundaries of risk-taking and opportunity-seeking, which is their risk appetite and risk tolerance.

Many organizations have also struggled with articulating and applying the concepts of risk appetite and risk tolerance in their organization.

Therefore, it is pointless to have a ‘great’ documented risk register with lots of nice or fluffy words when it does not do its job of mitigating the identified risk to an acceptable level of risk tolerance.

There is poor execution and completion of the proposed mitigation actions, which only leads to poor organizational performance.

The only way we know whether an organization is doing effective risk management is when the organization is successful and achieves its stretched goals and objectives. Given that risk management is an objective-focused concept, your discussion of organizational performance and risk information must go hand-in-hand.

Great organizational performance must be conducted within the clear boundaries of risk-taking and opportunity-seeking. There is nothing wrong with having lots of critical risks that are well-managed in a well-performing organization.

The reality is that many of the risks documented in risk registers are common risks that organizations may face. There are not many unique risks that would require a new description or analysis.

For me, there is enough historical information available to tell us not to reinvent the wheel in spending too much effort on the content of the risk register, but to focus instead on the actions arising out of documenting, mitigating the risk, and performing well within the boundaries of risk-taking and opportunity-seeking.

Instead, the critical success factor of any risk management action is to focus on action-taking.

The key is to implement all planned or additional treatments to mitigate the risks, commencing with those treatments that are related to the highest level of risk. It requires organizations to ruthlessly implement mitigation actions and religiously track the implementation progress of all proposed treatments, especially those that relate to issues, or known events that are currently in play.

It is pointless to document proposed mitigation actions in risk registers when there is no discipline in completing their implementation. The level of risk will not be reduced with poorly executed treatment actions.

Organizational risk registers should document only effective controls that matter most to either mitigating a downside risk or maximizing an upside risk or opportunity. These controls must also be actionable or controllable for the organization to achieve its objectives.

To be successful in creating an effective risk management system that enables your organization to achieve its objectives within the boundaries of risk-taking and opportunity-seeking, you need to try a different approach by having a renewed mindset. You need to be creative in your approach to risk management if you want to achieve your objectives.

As the saying goes, “Insanity is doing the same thing over and over and expecting different results.”

If you are expecting a better outcome, I have provided you with the framework and guidance for you to think strategically without wasting any more time and effort. All you need is a renewed mindset to develop something implementable for your organization, rather than seeing risk management as a compliance exercise.

If you forget everything you have read, remember this – effective risk management will enable you to be successful. It will help you achieve your objectives by implementing the right-sized actions to keep you on track to achieving your objectives.

When you enroll in the course, you will also get a template of a complete risk universe and sample likelihood and consequence rating tables for small-sized organizations in MS Word format.

Who this course is for:

• Board members and CEOs who want to simplify their risk management system and achieve their objectives and become successful within acceptable boundaries of risk-taking and opportunity-seeking
• People who are struggling or have struggled with implementing an effective risk management system that works in their organization
• People who want to try something different to revitalize their risk management system
• People who don’t have a lot of time or resources to implement and maintain an effective risk management system
• People who want to simplify their risk management system
• People who want to improve organizational performance through better risk management
• People who are responsible for developing or implementing a risk management system that works
• Risk management professionals who want to improve their current risk management system
• Risk management professionals who want to improve their organizational performance through better risk management