This post is intended to provide the foundational concepts around organizational sustainable risk management factors. This post also recommends adopting sustainable risk management as a core discipline within sustainable change delivery. This is part of a series that provides the foundation for understanding sustainable change delivery.
“It is far better to grasp the universe as it really is than to persist in delusion, however satisfying and reassuring” – Carl Sagan (1997).
(Quote borrowed from Douglas Hubbard’s The Failure of Risk Management)
Organizational Sustainable Risk Management Factors
There are a number of organizational concepts that are important for organizational sustainable risk management, including the following:
- “Risk tolerance
- Is defined as ‘the threshold levels of risk exposure which, when exceeded, will trigger an escalation’” (OGC, p. 15, 2012).
- “Risk capacity
- Is the maximum amount of risk that an organization, or subset of it, can bear, linked to factors such as its reputation, capital, assets and ability to raise additional funds. In the public sector, risk capacity might be defined by an external regulator, or by a government minister.
- Risk appetite
- Is the amount of risk the organization, or subset of it, is willing to accept” (OGC, pp. 13-15, 2012).
The following paragraph was modified from Jonathan Reuvid’s 2012 work “Managing Business Risk: A Practical Guide to Protecting Your Business” to help provide context for these concepts.
“[Exhibit 1a]… depicts expected business performance over time.
In practice, performance is subject to risks that, if they materialize, could result in a range of performances [exhibit 1b]…
This gives the potential risk ‘universe’ [exhibit 1c]. It is clear that line AC is not desirable. However, it is not necessarily obvious that line AD also might not be desirable; extreme success might itself produce additional risks.
Consequently, there is no tolerance for some outcomes (negative or positive). This is the area outside of the triangle AXY [exhibit 1d].
The appetite for risk, however, is likely to be shown by a narrower band of performance outcomes, depicted in the triangle AMN [exhibit 1e]. So tolerance becomes about absolute values, e.g. ‘We will not expose more than x per cent of our capital to losses.’ Risk tolerance statements become lines in the sand beyond which the organization will not proceed without board approval (although, of course, the board may grant it), whereas risk appetite becomes about what the board wants to do.
Access to competent individual sustainable risk managenent practitioners is key to allow the organization to leverage the skills and experience to accept, adopt, and integrate these competencies into the organization. However, the organization needs the management systems and structures to support the successful organizational implementation and benefits from sustainable risk management.
This series is all about raising awareness of sustainable change delivery and the integral elements, disciplines and competencies associated with it. In the graphic below, each of these elements is identified in terms of its use in allowing for sustainability. These elements form the basis of the GPM® Global’s P5™ Standard for Sustainability in Project Management, the GPM® Global Training Programs and the GPM® Global Portfolio, Program and Project Sustainability Model (PSM3™) for organisational assessment.
Please refer to Sustainable Risk Management – 1 Overview.