Political Risk and Enterprise Risk Management
Guest Post by James Kline (first posted on CERM ® RISK INSIGHTS – reposted here with permission)
Former Secretary of State Condoleezza Rice PhD. and Amy B. Zegart PhD. have written a book called Political Risk: How Businesses and Organizations Can Anticipate Global Insecurity. It has received good reviews. Having read the book, I would concur. It is an important book for those concerned with the increasing volatility and associated risk of the global economy. This piece discusses the relationship between Political Risk and Enterprise Risk Management (ERM).
The book is a result of an intensive Master’s in Business Administration class on global political risk taught at the Stanford University. The intended audience is the Chief Executive Officer of private sector companies. The theme is that political risks come from numerous sources. Several of the political risk and their sources are listed below.
Geopolitics – Interstate Wars and Economic Sanctions.
Internal Conflicts – ethnic violence and social unrest.
Laws, regulations, policies – changes in foreign ownership rules, national laws and taxation.
Social activism – events that go viral facilitating collective action.
Terrorism – politically motivated threats or use of violence against persons or property.
Cyber threats – espionage, extortion and massive disruption of companies, industries, governments and societies.
These political risks have serious implications for companies. An example they use is the impact of a film called the Blackfish. The film was on the treatment of Orca whales by Sea World Entertainment Limited. The film went viral. Just before the film aired, Sea World’s stock was $38.92 per share. After the film aired, the stock plunged to $15.77 per share. In addition, attendance at their theme parks declined substantially.
In this case, social action caused the adverse economic impact. However, Terrorism, Cyber-attacks and the other noted political risks can have an equal or greater adverse impact. Consequently, it is in an organization’s interest to recognize and manage political risks. To assist with this process, Rice and Zegart developed a political risk management framework.
Risk Assessment Framework
Their political risk management framework contains four steps. The steps are: Understand, Analyze, Mitigate and Respond. They are designed to help the CEO understand and mitigate the potential consequences of the political risk. The framework can be compared with the first four steps in ISO 31000:2018. The ISO steps are: Identification, Analysis, Evaluation and Treatment. The Understand and Identification steps are similar. Also similar are two of the other steps, Analyze and Mitigation or Treatment. The Respond step has nothing comparable in ISO 31000:2018. However, it is recommended and associated with Black Swan events. Black Swans are risk events which are unpredictable and extremely costly. This is a key distinction between Rise and Zegart and ISO 31000:2018. ISO 31000:2018 does not encourage the development of a response plan. Nor does it mention Black Swans risk events. On the other hand, Rice and Zegart, do not mention ISO 31000:2018, even though it is the international ERM standard.
This is a must read for any one working in or working with government throughout the world.
Rice and Zegart highlight the need for organizations to consider and deal with risks. Their concern is political risks. However, their political risk management framework is valid for any type of risk. Consequently, the book contributes to the ERM field. A particular contribution is the recognition of Black Swans and the recommendation that recovery plans be developed. This is something that ISO 31000:2018 is silent on. A flaw is that their book is silence on ISO 31000:2018. It is not mentioned. This leaves unanswered the question of how they see this international standard contributing to their concern that organizations need to manage the consequences of global political risk.
James J. Kline is a Senior Member of ASQ, a Six Sigma Green Belt, a Manager of Quality/Organizational Excellence and a Certified Enterprise Risk Manager. He has over ten year’s supervisory and managerial experience in both the public and private sector. He has consulted on economic, quality and workforce development issues for state and local governments. He has authored numerous articles on quality in government and risk analysis. firstname.lastname@example.org