Skip to main content

Why You Should Make Your Business Case for ERM Now

Here at OpenArc, we consider risk management and mitigation as critical parts of project management. As discussed in an earlier post about our approach to project risk management, we have teams plan for threats before we start working and keep those plans updated as work proceeds. You can also count on us for open communication, transparency, and rapid action in the face of obstacles.

Why Enterprise Risk Management Makes Even More Sense Now

  • Besides physical threats to employees and customers during COVID-19, businesses are struggling with obstacles like these:
  • Companies suffered from disruptions to both their supply and distribution chains.
  • Social distancing orders forced many brick-and-mortar retailers to close their doors or change the way they interacted with customers.
  • Employers needed to move quickly to provide their employees with new safety guidelines and such personal protective equipment as gloves and masks.
  • Most businesses had to transform in-office employees to a remote workforce rapidly.
  • Some businesses profited from a spike in eCommerce, but other companies weren’t ready to depend so heavily upon online sales and orders.

No doubt, this new crisis appeared quite abruptly. If you’ve scanned the news, you could hardly avoid learning about companies with risk management failures that ended in massive losses, poor publicity, and even worse, tragedies for employees and customers. As just one example, CNBC reported that hundreds of large companies have already warned their investors to expect lower revenues or losses on the next earnings statement. For most, their earnings predictions from just a few months before had been optimistic.

We are hearing from businesses that want to take positive steps to protect their workforce and their customers, and while the short term will be difficult, they are looking at the bigger picture. They are in search of the opportunity to enhance their brand and attract more sales by doing what is right when it’s hard, which is the definition of integrity.

How the COVID-19 Crisis Highlights the Need for ERM

Encountering just one of the obstacles that the coronavirus posed would have presented a considerable challenge to most companies. As discussed above, most businesses had to deal with multiple disruptions during the COVID-19 crisis.

Because most of us encounter retail businesses during our daily lives, consider this industry as one example:

Retail store and website issues: Many retailers had supply-chain problems at the same time needed to implement social distancing measures in their outlets and, perhaps, upgrade eCommerce options. Anybody who has visited such an essential business as a grocery store during the outbreak has probably noticed that the store has established new protocols and even more surprising, may have empty shelves that they used to have packed with everyday goods. Even such large online retailers as Amazon struggled to stock and ship essential goods. For example, few people could have predicted the Great Toilet Paper Shortage back in January.

Problems transitioning to a remote workforce: Meanwhile, office workers needed to immediately transfer their work from a corporate office to their home office. Hence, their employers had to scramble to provide these people with the software and security required to do their tasks efficiently and safely. Haphazard responses produced inefficient workflows, digital security problems, and of course, even more delays and lapses in crisis response and customer service.

While the retail sector remained the most visible, other industries were severely impacted, if not worse. For instance:

Sourcing companies: Some materials suppliers still could generate plenty of orders for essential production needs. At the same time, they found their suppliers cut off because of the global pandemic. Unprepared businesses had not prepared by proactively sourcing alternatives domestically or from other parts of the world.

Manufacturers: While manufacturers struggled with sourcing on one front, some may not have attended safety protocols in their plants as well as in the interest of meeting goals. Social distancing or an increase in sick employees has often delayed production and, in the worst cases, forced businesses to close their doors for the duration. Some incidents also generated the sort of bad press that no companies want to earn.

How the Pandemic Uncovered the Flaws in a Casual Approach to ERM

According to Gartner, typical companies regarded ERM as something they needed to have in a check-the-box way during the proceeding years of economic growth and relative stability. Their research also found that businesses with the best and most agile responses to the abrupt crisis also had already focused on putting processes in place to handle the unexpected.

The Practice VP of Gartner, Matt Shinkman, said that the biggest problem from a casual approach to ERM is that you never even know what the issues are until something bad happens. Manuals and flowcharts don’t replace truly effective ERM.

Based on their in-depth research, Gartner said that truly effective enterprise risk management should have these two qualities:

  • Businesses need to have an impact-based and agile response to managing crises. With such a fast-moving virus as COVID-19, traditional threat escalation procedures moved too slowly for many businesses to react in time.
  • Companies also have to appoint one of their business leaders who will take responsibility and ownership of the situation. That person and his or her direct team can become the source of clear guidance for the rest of the company.

As an example, Gartner found a few outstanding companies had already set their reaction threshold quite low to respond to such a virus-based threat as the current one. Those companies had a few weeks to begin engaging their response, while some of their competitors still waited to see what would happen.

As an aside, the CNBC story said that even Gartner reported that the business impact of having to close or reschedule in-person conferences would amount to about $36 million in revenue shortfalls from previous predictions.

How ERM Allows Businesses to React to Opportunities and Not Just Threats

We can all hope the coronavirus crisis is rare. Yet, we are mindful that still every few years, businesses get impacted by disease outbreaks, natural disasters, unusual political situations, economic downturns, and market disruption. If anything positive can come out of a global pandemic, maybe businesses can grow from the lessons they have learned about the value of managing risks effectively.

At the same time, you shouldn’t just make the case that a better way of managing risks only helps companies sustain themselves during a crisis. You also have to consider the opportunity costs you may suffer without it. Since an efficient ERM system can help your business manage unexpected issues better, it will also leave you free to pursue certain opportunities that you might have considered far too risky in the past.

To back this up, Gartner research found:

  • In a 2019 study of almost 400 companies, they saw significant opportunity costs from strategic initiatives without timely and agile risk management.
  • This lack delayed the projects an average of about five weeks, amounting to millions in losses or sacrificed profits.
  • Even more, initiatives with prudent risk management are more likely to meet or beat deadlines and schedules and satisfy all levels of stakeholders.

In other words, a focus upon aligning agile ERM procedures, systems, and leadership across the entire enterprise will not just help businesses survive an unexpected disruption. These steps will also help allow enterprises to conduct business more competitively and profitably during the best of times.

Key Benefits and Features of Enterprise-Wide Risk Management

The critical benefits of having the right ERM in place include rapid and appropriate responses to crises and other disruptions. You may wonder what sort of features a high-quality ERM program should have to ensure that your business enjoys these benefits.

Consider these five essential features of effective ERM programs and how they benefit companies:

1. Creating a risk-focused company culture: Previously, we touched upon the importance of having leadership in place to help manage and communicate during tough times. Of course, these new directives will only get effectively carried out if a risk-management culture trickles down to all levels of the hierarchy. Your effective directives won’t help if the line supervisors and clerks aren’t motivated to care about them. The right ERM program can help ensure your company has the right processes in place and that employees know how and why to follow them. In turn, many of these safety measures will help boost morale because your employees should also understand that you’re making changes out of concern about them and their customers.

2. Risk reporting standards: An ERM system can support a better and more efficient structure to help analyze, report upon, and act upon risks. This helps leadership quickly evaluate and make good decisions about all areas of the company. It also can improve alignment because everybody will have the same kinds of reports to view and learn to speak the same language when discussing them.

3. Improved focus and prioritization of critical risks: The coronavirus crisis truly underlined how some kinds of crises can impact not just one but almost every business operation simultaneously. Still, businesses may still have limited resources and need to have a way to prioritize issues in order to focus upon the worst threats before moving down the line. Having key metrics in place makes it much easier to weigh different issues in light of the overall company.

4. Efficient resource use: Given limited resources and choices, businesses needed to maximize their labor and time quickly to meet new challenges. For instance, companies might have proactively had alternate suppliers in place to avoid getting delayed because of backorders. As another example, a retail business might switch some resources to phone or online customer services when foot traffic has dwindled. The ERM program should make it easy to spot potential problems and find the best solutions.

5. Better compliance measures: Indeed, agencies like OSHA may not have a directive that specifically mentions COVID-19. Still, it’s safe to say that poor safety measures against this new virus will violate the overall order to keep a workplace as safe and free of hazards as possible. Having the right ERM programs in place will ensure companies can document and report upon their efforts to remain in compliance and protect people.

Risk Management Pittsburgh

Here at OpenArc, we always work to minimize and plan for potential threats to our own business and projects. Based on our experience, we work with our customers as partners to help them reduce the chance of any delays or costs associated with unexpected issues. That’s why many of our clients don’t just rely upon us for software development and staff but also think of us as a Pittsburgh risk management company.

We include these measures in our project plans and time to assess risks and react to them continually. And when such unexpected events as the coronavirus pandemic occur, we won’t shy away from hard conversations and rapid escalations. That’s why you can count on us for all of your software development and technical staffing needs. Based in Pittsburgh, we serve clients in many different geographical locations and industries.

Let us know what you need, and we’ll show you how we will help.

Blog