Accendo Reliability

Your Reliability Engineering Professional Development Site

  • Home
  • About
    • Contributors
  • Reliability.fm
    • Speaking Of Reliability
    • Rooted in Reliability: The Plant Performance Podcast
    • Quality during Design
    • Critical Talks
    • Dare to Know
    • Maintenance Disrupted
    • Metal Conversations
    • The Leadership Connection
    • Practical Reliability Podcast
    • Reliability Matters
    • Reliability it Matters
    • Maintenance Mavericks Podcast
    • Women in Maintenance
    • Accendo Reliability Webinar Series
    • Asset Reliability @ Work
  • Articles
    • CRE Preparation Notes
    • on Leadership & Career
      • Advanced Engineering Culture
      • Engineering Leadership
      • Managing in the 2000s
      • Product Development and Process Improvement
    • on Maintenance Reliability
      • Aasan Asset Management
      • CMMS and Reliability
      • Conscious Asset
      • EAM & CMMS
      • Everyday RCM
      • History of Maintenance Management
      • Life Cycle Asset Management
      • Maintenance and Reliability
      • Maintenance Management
      • Plant Maintenance
      • Process Plant Reliability Engineering
      • ReliabilityXperience
      • RCM BlitzĀ®
      • Rob’s Reliability Project
      • The Intelligent Transformer Blog
    • on Product Reliability
      • Accelerated Reliability
      • Achieving the Benefits of Reliability
      • Apex Ridge
      • Metals Engineering and Product Reliability
      • Musings on Reliability and Maintenance Topics
      • Product Validation
      • Reliability Engineering Insights
      • Reliability in Emerging Technology
    • on Risk & Safety
      • CERMĀ® Risk Insights
      • Equipment Risk and Reliability in Downhole Applications
      • Operational Risk Process Safety
    • on Systems Thinking
      • Communicating with FINESSE
      • The RCA
    • on Tools & Techniques
      • Big Data & Analytics
      • Experimental Design for NPD
      • Innovative Thinking in Reliability and Durability
      • Inside and Beyond HALT
      • Inside FMEA
      • Integral Concepts
      • Learning from Failures
      • Progress in Field Reliability?
      • Reliability Engineering Using Python
      • Reliability Reflections
      • Testing 1 2 3
      • The Manufacturing Academy
  • eBooks
    • Reliability Engineering Management DRAFT
  • Resources
    • Accendo Authors
    • FMEA Resources
    • Feed Forward Publications
    • Openings
    • Books
    • Webinars
    • Journals
    • Higher Education
    • Podcasts
  • Courses
    • 14 Ways to Acquire Reliability Engineering Knowledge
    • Reliability Analysis Methods online course
    • Measurement System Assessment
    • SPC-Process Capability Course
    • Design of Experiments
    • Foundations of RCM online course
    • Quality during Design Journey
    • Reliability Engineering Statistics
    • An Introduction to Reliability Engineering
    • An Introduction to Quality Engineering
    • Process Capability Analysis course
    • Root Cause Analysis and the 8D Corrective Action Process course
    • Return on Investment online course
    • CRE Preparation Online Course
    • Quondam Courses
  • Webinars
    • Upcoming Live Events
  • Calendar
    • Call for Papers Listing
    • Upcoming Webinars
    • Webinar Calendar
  • Login
    • Member Home

by Greg Hutchins 2 Comments

The Future of Enterprise Risk Management in the 2020’s

The Future of Enterprise Risk Management in the 2020’s

Guest Post byĀ Greg CarollĀ (first posted on CERMĀ Ā® RISK INSIGHTS – reposted here with permission)

The 2009 release of ISO 31000 was the first step across the threshold into 21stĀ century risk management. Unfortunately the industry that has developed around it has firmly grabbed the doorway and won’t let go.Ā  Although the latest revisions make references to decision making and integration into functional purpose, it totally misses the point of risk management, which is to assist navigating a complex world.

Enterprise Risk Management by definition is the integration of an organisation’s risks for the purpose of assisting it achieve its mission.Ā  Linking risk registers to objectives does little more than focus management’s thinking on the outcomes of their decisions.Ā  Ā As mentioned in the previous article ā€œRisk 2018 & the missed opportunities of 2017ā€œ,Ā implementing ControlsĀ is an expected compliance activity, not risk management. A ships’ pilot heeds channel markers, but it’s their skill is in reading the water and weather in choosing the most effective course, that decides winners and losers.Ā  And even the most sophistication GPS navigation systems have yet to replace the navigator on a Volvo Ocean Race yacht.

Picture1I started this article by detailing the failure of current risk methodologies but then realized I was one of my pet hates of focusing on the problem (like current risk management), not the solution. After a severe talking to myself I drafted out my vision of what risk management should look like in the 21stĀ century.Ā  This goes beyond what I listed in my 2013 book ā€œMastering 21stĀ Century Risk Managementā€ which obviously needs to be updated.

Why we need to rethink Risk Management

The World Economy Forum’s 2018 Global Risks Report it succinctly observed:

ā€œHumanity has become remarkably adept at understanding how to mitigate conventional risks that can be relatively easily isolated and managed with standard risk-management approaches. But we are much less competent when it comes to dealing with complex risks in the interconnected systems that underpin our world, such as organizations, economies, societies and the environment. There are signs of strain in many of these systems: our accelerating pace of change is testing the absorptive capacities of institutions, communities and individuals.

In a world of complex and interconnected systems, feedback loops, threshold effects and cascading disruptions can lead to sudden and dramatic breakdowns.ā€

Further, in one of the best insightful articles l’ve read in years, Oxford fellow Roland Kupers’ ā€œResilience in complex organizationsā€ identifies the central issue that:

ā€œIn a deeply interconnected world, stresses and shocks propagate across systems in ways that evade forecasting. Climate change is linked to the Syrian civil war, which is connected to heightened concern over immigration, which precipitated Brexit.ā€

And the WEF report concludes:

ā€œOne of the aims of the Global Risks Report is to encourage individuals and organizations to think critically and creatively aboutĀ how they can respond to a rapidly evolving risksĀ landscape.ā€

The purpose of Risk Management in 2020’s

From these comments we can acknowledge that:

  1. Acute risks evade forecasting
  2. We need to be able to identify evolving risks
  3. We need to be able to relate them to other areas of risk
  4. The purpose of Risk Management is identifying howĀ to respond rapidly to evolving risks
  5. Critically and creatively responses require operational decision making
  6. We need systems to enable rapid response to complex situations i.e. AI – Artificial Intelligence

This leads to the inevitable conclusion that risk management can only be Enterprise Risk Management since all risks interact with each other to alter their status.Ā  This makes a mockery of the concept of static risk registers and risk matrix ratings.Ā  This form of forecasting, in addition to being subjective (a guess), is out of date by the time it is recorded.

If the purpose of risk management is to enable theĀ rapidĀ response to evolving risks, we need real-time systems for identifying and assessing risks, not periodic risk reviews.Ā  Being rapidly evolving, but the time a risk control is developed and implemented the risk has most likely become an operational incident. You are better served by providing operational management with a range of 5 possible scenarios that will assist them with identifying both the direction of the risk evolving and possible courses of action.

It should be self-evident that with the complexity of today’s business environment risk management needs to sit firmly in operational decision making.Ā  If you accept this is the case then the only solution is to implement AI – Artificial Intelligence computer solutions that can advise operational management in real-time on cause and effect of changes in the physical, social and business environments.

The Role of Risk Management Units

In this new paradigm the role of Risk Management Units in organization should be the creation, evolution, calibration, and auditing of scenarios and decision making models, identifying and creating systems to monitor risk influences and drivers (which includes behaviour), and training operational management in modern decision making tools and framework (including bias and games theory).Ā Ā  In the 21stĀ century, risk registers, use of arbitrary heat-maps, and devising impractical or unrequired risk controls to ward off threats, smacks of superstitious witch doctor hocus pocus.

In upcoming articles I will go into the practical ways of applyingĀ modern technologies to achieveĀ these 21stĀ century risk management tenets, covering howĀ to:

  1. Setup scenario analysis systems to provide operational management with decision marking collateral,
  2. Using Big Data to identify trends and evolving risk,
  3. Create Neural Networks to identify and map interrelationships,
  4. Implement IoT to monitor changes in environmental factors in real-time,
  5. Exploit Machine Learning to monitor customer and staff sentiment, etc.,
  6. Use predictive analyticsĀ to set up threat management & preventive action programs,
  7. Explore how Blockchain trust systems could be used to obsolete Cybersecurity & Supply Chain risk
  8. Harnessing Virtual Reality to gain a quantum leap in staff training and awareness,
  9. Replace laborious and inaccurate risk assessments & risk reviews with Automated Processes.

This will be the shape of risk management in the 2020s!

Bio:

Greg Carroll 
- Founder & Technical Director, Fast Track Australia Pty Ltd. Ā Greg Carroll has 30 years’ experience addressing risk management systems in life-and-death environments like the Australian Department of Defence and the Victorian Infectious Diseases Laboratories among others. He has also worked for decades with top tier multinationals like Motorola, Fosters and Serco.

In 1981 he founded Fast Track (www.fasttrack365.com) which specialises in regulatory compliance and enterprise risk management for medium and largeĀ organisations. The company deploys enterprise-wide solutions for Quality, Risk, Environmental, OHS, Supplier, and Innovation Management.

His book ā€œMastering 21st Century Risk Managementā€ is available from theĀ www.fasttrack365.comĀ website.

Filed Under: Articles, CERMĀ® Risk Insights, on Risk & Safety

« Electric Motor Variable Speed Drives Operation
The 7 Requirements of an Asset Management System »

Comments

  1. johfert Bristomm says

    December 16, 2020 at 2:17 AM

    I really appreciated your article related to enterprise risk management and what are the benefits and what the purpose of enterprise risk management is so well to explain.
    Compliance management in Pakistan

    Reply
    • Greg Hutchins says

      December 17, 2020 at 7:36 AM

      Hi Johfert.

      Good day. Thank you for the kind words. We appreciate them.

      ERM is becoming a common element of ‘good to great’ management.

      We hear that Aga Khan Hospital has a good/great ERM program. Check them out.

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

CERMĀ® Risk Insights series Article by Greg Hutchins, Editor and noted guest authors

Join Accendo

Receive information and updates about articles and many other resources offered by Accendo Reliability by becoming a member.

It’s free and only takes a minute.

Join Today

Recent Articles

  • A Note on Estimation of a Service-Time Distribution Function
  • Self-Leadership Part 1
  • History Repeats Itself: Buncefield, Puerto Rico, Jaipur
  • How Reliability Engineers Can Improve Their Communication in Information Sessions
  • FMEA Detection Risk: Insights and Advices

© 2023 FMS Reliability Ā· Privacy Policy Ā· Terms of Service Ā· Cookies Policy

This site uses cookies to give you a better experience, analyze site traffic, and gain insight to products or offers that may interest you. By continuing, you consent to the use of cookies. Learn how we use cookies, how they work, and how to set your browser preferences by reading ourĀ Cookies Policy.