Business confidence is at an all-time low after the events of 2008. More than ever, companies need a reliable view into the risks they face.
This can only be achieved with a complete picture of the business – something that financial institutions have not ensured in recent times, either by not having the right systems in place, or not implementing them effectively.
But is it possible to actually measure the levels of risk that a company faces? If so, what is the process and why are firms struggling so much to get to grips with it?
Risk and reward
An accurate assessment of risk is crucial in providing executives with the insight needed to securely and effectively direct their company. A good risk management strategy allows them to predict and quantify the risk involved in the day to day execution of business tasks, including the impact of external factors, such as a key client going into receivership.
Far from being a theoretical exercise in forecasting the future, this knowledge allows a company to respond decisively and effectively if such a scenario were to develop.
With the right systems in place, a company can develop a clear risk management strategy. But a clear, transparent view of business performance is needed first. To implement a risk management strategy organisations need to quantify and organise risk based on relevant and accurate data from around the company.
A fundamental principal of risk management is to constantly ask “what if?”: What if the launch of a new product is delayed by supply issues? What if shrinking demand drags down profit margins? What if that key client goes out of business?
But before an accurate assessment of potential circumstances can be performed, managers need to know what is already happening across the business.
Gaining a complete picture
One of the problems prolonging the credit crisis in the financial markets is a lack of complete information about companies’ full exposure to bad debt. The complexity of the securitisation process for those seeking a simple idea of a financial organisation’s balance of liabilities can be compared to trying to make sense of a scene viewed through frosted glass. Debt has been scattered across a number of different locations and moulded into a number of different forms. A true picture is not known yet, and the atmosphere of uncertainty and distrust that this has fostered has bled the market of the liquidity it needs to function.
A similar issue affects many large companies seeking to gain an accurate view of risk. The data needed to calculate this has to be collected from around the organisation, but this is often difficult because information is usually held in multiple incompatible reporting systems in different formats across the business.
As the typical company grows, it begins to form separate departments dedicated to particular parts of the business, often significantly increasing the business’s complexity and creating silos of data – and information. Separate research, administrative and marketing units may appear, usually operating autonomously – each making its own decisions and each with its own IT department. This mass of disparate information sources leads to major reporting problems. Even basic reporting, on a weekly or monthly basis, can become a struggle.
The problem often lies with the information management processes businesses employ to organise and deliver performance data to managers for analysis. Typically, a company’s IT department spends time building a “data warehouse” or repository to stage the data to feed into the business intelligence tools used for this analysis. This provides a temporary solution, but if the business changes or if managers need new or additional information about the company, the development cycle must be repeated to accommodate the changes. This can add weeks or months to the time needed to fulfil a request for specific performance data. As a result, decision-makers suffer through slow, inconsistent information delivery – the exact opposite of why they created a business intelligence initiative in the first place. So in response, managers often go around the IT solution and build more spreadsheets themselves in order to get their answers faster. This further compounds the problem.
To overcome this difficulty, companies need to focus on implementing an information management infrastructure that can adapt quickly and flexibly to incorporate changes in the business and feed this information back to managers. Such a solution can deliver more accurate, consistent and reliable information faster for the purpose of assessing risk.
Once an organised view of information from within the company is in place, managers then have the clarity they need to gauge the performance of the different parts of the business. They can start making sense of risk, quantifying it and developing a comprehensive risk management strategy.
Once current performance is known, questions about “what if?” can be asked to begin tackling the challenge of constructing a company-wide view of risk. When information on business activities within an organisation has been assembled, managers can use this to run test scenarios based on the company’s business model to see how different parts of the business are likely to respond to a specific change.