on Risk & Safety

Heightened Awareness or Reactive, Backwards Looking?

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

From financial crises to energy catastrophes to earthquakes and threats of terrorism, we hear a lot about events that challenge our ability to identify and manage risk.  Unfortunately, some of the things that emerge from many of these events are reactive regulatory rules and requirements. [Read more…]

Guest Post by James J. Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

In the Baldrige Excellence Framework the term “Intelligent Risk” appears.  It is defined as: “Opportunities for which the potential gain outweighs the potential harm or loss to your organization’s future success.”  This definition expresses a concern that risk might inhibit innovation. With the addition of Enterprise Risk Management to the 2017-18 Framework has a condition been created where two best business criteria, innovation and risk management, might cancel each other out? More basically, does Enterprise Risk Management (ERM) inhibit innovation related risk taking?

[Read more…]

Guest Post by James J. Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Introduction

In 2015, innovation was added to the Baldrige Excellence Framework.  While there is no doubt that innovation is important for an organization’s survival, a fundamental question is: How much does a quality improvement process, which is encouraged by the Baldrige Excellence Framework, contribute to innovation?  While there is no simple answer to this question, some indication can be seen in an examination of the focus of the quality improvement process and what happens to a company, with a reputation for innovation, when a quality improvement process is implemented. 

Such a company is Minnesota Mining and Manufacturing (3 M).  And, a June 11, 2007 article in Business Week, entitled: “3M’s Innovation Crisis: How Six Sigma Almost Smothered Its Idea Culture”, argued that Six Sigma inhibited 3M’s ability to innovate.  This piece discusses the 3M experience and the relationship between Six Sigma and Innovation.

[Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Introduction

It is mid-year 2014 as I write this article.  We have recognized the need to better manage supply chain risks for the better part of a decade now.  Yet, we still seem to be deluded into thinking that the modern supply chain is resilient to the point of invulnerability.  Most organizations have a supply chain that is a mix of competencies, from manufacturing to professional advisory services.  [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

Exposure to threats, hazards and risks leads to vulnerabilities that an organization must deal with.  Commonly these are addressed via a mitigation process.  Once mitigation is accomplished, often times the organization feels that the risk, threat, hazard does not need to be revisited.  However, as a result of the mitigation efforts on the part of the organization, the risks, threats, hazards reconfigure and re-emerge in a different form. 

In order for mitigation to be successful it has to be a constant and ongoing process that produces a resilience to the negative effects of risks, threats and hazards that are realized. [Read more…]

Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The National Institute of Standards and Technology (NIST) just issued the 2017-2018 Baldrige Excellence Frame Work.  There were modifications to a number of categories such as Category 1 Leadership, Category 2, Strategy and Category 6 Operations.  Included in the modifications were substantive additions for Cyber Attacks and Enterprise Risk Management (ERM).

In the discussion of the changes from the 2015- 2016 framework it is noted: “The future competitive advantage that will flow from good ERM is based on the holistic addressing of risk and the actions taken – including the pursuit of intelligent risks – as part of an overall strategic approach to managing organization performance.” (Baldrige.2017.45)

This statement makes two things clear.  First, ERM is seen as contributing to the competitive advantage for any organization.  Second, ERM is a holistic approach.  The inclusion of ERM in the Baldrige Excellence Frame Work does two other things.  It reinforces the momentum created by the inclusion of Risk Based Thinking in ISO 9001:2015 and the issuance by OMB of Circular A-123.   Both actions expanded the reach and ultimately the interest in ERM.  In addition, it signals that ERM is considered part of best practice. This means its use increasingly will become a standard by which all organizations can be evaluated by regulators and stakeholders. [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

We live in a world of consequences.  Everything that we experience is a consequence of some action, decision, reaction and/or choice.  For organizations, the consequences of a choice, action, decision and/or reaction can cascade throughout the organization and extend to its “Value Chain” rippling through all the known touchpoints and the as yet, unidentified touchpoints.

Organizations need to understand their strategic, operational and tactical capabilities and capacity to recognize, mitigate and/or capitalize on cascade effects.  As a result of the diverse nature of global business operations, geopolitical circumstances, culture, etc., there currently is a standardization gap with regard to how organizations should react to cascade effects.  This is partly due to opacity, nonlinearity and insufficient competitive/business intelligence that organizations can draw from.  This is not to say that the information does not exist.  Rather that it does not exist in a form that is readily recognizable to organizations in most cases. [Read more…]

Guest Post by Geary Sikich (first posted on CERM ® RISK INSIGHTS – reposted here with permission)

The focus of this article is on the application of guidance (ISO 31000, FFIEC, etc.) often resulting in the appearance of compliance resulting from a checkbox perspective rather than actually and actively identifying and managing risk(s) by organizations.

In Risk Management: History, Definition and Critique, by Georges Dionne (March 2013 – CIRRELT-2013-17); the opening statement from the Abstract is revealing: [Read more…]

Some 20 years ago, I was volunteering with a not-for-profit organization to develop new products and services.

Our team had lots of ideas. We were excited to innovate, change, add value, and do better. You could feel the energy. It was electric.

The challenge: The organization was riding high and making lots of money on its core products. They did not want or did not need to look at anything new. Why fix something that was not broken from its point of view. OK. We got it. 

Well, our great ideas were stuffed. The energy and enthusiasm dissipated. I left the organization.

Several of us wondered what had happened. Dr. Lindborg, an expert in organizational dynamics, in a moment of inspiration, uttered:

This is the Moose Lodge Syndrome at work.

“What’s that?” we said. A little history may help: [Read more…]