BUSINESS RISK INFORMATION SOLUTIONS FACILITATE GOOD GOVERNANCE AND BUSINESS SUSTAINABILITY
By Paul de Kock

Forecasting and planning in today’s complex business climate is extremely difficult. Organisations are facing unprecedented numbers of legal, regulatory and business policy directives, as well as value chain requirements (safety, health, environment and quality amongst others) that present as risk in nearly every aspect of their operations. The question is: How can organisations control risk, manage it effectively, drive up business performance, and ultimately improve sustainability?

It has been argued that risk ignorance results in the so called “iceberg of risk,” where the full risk exposure is submerged and risk at an enterprise level is not visible to senior management. Risk is often managed in organisational silos (financial, process safety, environmental, health, safety, quality etc.) that do not communicate. Many organisations may well fail when they are not aware of the full scope and interdependency of risk across the business.

No longer are the concepts of governance, risk and sustainability the exclusive domains of individual business units. Organisations are expanding their initiatives to encompass a much more integrated view of risk management in their quest for sustainability. This holistic and integrated approach is strongly driven by the following trends:
 

•	Customers, employees, and partners are driving their expectations from an environmental, social, and governance perspective.
•	Institutional investors and insurers are offering specialised portfolios based on corporate behaviour.
•	Rating agencies are looking at risk management as a component of their corporate assessments.
•	Risk management is now part of the evaluation criteria for merger and acquisition due diligence.
•	Legislation is requiring defined risk management strategies.
•	Corporate Social Responsibility (CSR) pressures are stronger and publically visible.
•	Environmental and social changes are rapid and significant.

This focus on risk and reporting has led to an increased demand for timely, reliable data that can be easily accessed. The ability to communicate risk and to justify decisions is becoming increasingly important.

Risk Data Management Solutions

Much of today’s risk records and data exists in unstructured storage environments and formats such as MS Word documents, XL spreadsheets, PDF and PowerPoint files. Organisations need to be able to access the data used regardless of where it resides and what format it is in. Many expend much energy, manpower and time generating risk related data that they don’t really trust. Data is often:
 

•	Inconsistent
•	Out-of-date
•	Inaccurate
•	Not fit for purpose
•	Of low quality
•	Unprotected and most importantly,
•	Inaccessible

Companies that do trust their risk management data can generate more value from the data and fulfil their objectives more effectively. Because of the nature, extent and variety of data generated through risk management initiatives, trustworthy data can only be achieved through the deployment of an integrated risk management data solution. Such solutions must not only document risks but must integrate all the management components needed to understand and manage them. The integrated software solution must include as a minimum all the components as illustrated below:

An effective software solution must remove data complexity, comply with legal, industry, document and any other requirements and eliminate data redundancy by considering all technology and systems already in place. The software should be built using technology which is best practise in terms of ensuring data reliability and consistency. It should also increase data efficiency whilst decreasing the effort and time spent on capturing data and reporting management information.

The long term cost of implementing a risk management software solution can be controlled if the correct processes and policies are implemented from the start. When entering into a partnership with a software vendor, be sure to ascertain whether their solution is flexible enough to meet your organisations specific requirements and unique situation.

For further information contact Paul de Kock at:
Cell: +27 (0)83 633 0607
Email: pdk@isometrix.com