Peter Crow
  • Home
  • About
  • Musings
  • Research
  • Contact

On Boards and the management of risk

14/11/2012

0 Comments

 
I've been involved in several discussions about risk management recently, including one at a Business Leaders Forum hosted by Grant Thornton. Most of the discussions have centred on the struggles that Boards face in managing risk—and more specifically, ensuring they are adequately informed. In listening to people, I've discovered many Boards struggle in this area. 
  • How do Boards know all relevant risks are being notified?
  • How big (or small) should risks be before they are reported? What is relevant?

Let's tackle the second question first. In most organisations, management has the responsibility to implement strategy. Therefore, they also have the responsibility to identify and manage risk. In doing so, management should raise (with the Board) all risks that have the potential to compromise their implementation of strategy—together with mitigation plans. Anything with a strategic impact should be reported. If Boards are not receiving relevant risk information, they should go looking for it.

That leads nicely to the first question. In my [direct though anecdotal] experience, most risk information tends to arrive via management. Though the common pathway, it is not without its problems. Many Risk Managers report up though the CEO. Even external Auditors tend to be retained by the CFO and report via the CEO. And therein lies the problem. Who decides what gets reported to the Board? Why would a CEO notify a risk that exposes him/her to extra work and/or uncomfortable questions from the Board? Oh, the foibles of human nature... 

Whereas most Boards receive risk information via the CEO, several of the high performing Boards that I've worked with seek and debate risk information directly—from staff, customers, outside advisors. They also do so in the context of strategy. Boards that open several channels are more likely to be adequately informed and, consequently, be better positioned to assess strategy implementation and ensure risks are managed effectively.

Boards need to ensure that they are adequately informed, and the best way to do that is to work directly with a range of internal and external sources. While this approach sounds straightforward, it has the potential to cause angst amongst management if not handled well. The CEO should be kept fully informed of risk discussions, and, ideally, be present when external advisors make presentations to the Board.

One final point. If risk mitigations are not being implemented effectively, and the achievement of strategy is being compromised as a result, then the Board should replace the CEO.
0 Comments



Leave a Reply.

    Search

    Musings

    Thoughts on corporate governance, strategy and the craft of board work; our place in the world; and, other things that catch my attention.

    Categories

    All
    Accountability
    Conferences
    Corporate Governance
    Decision Making
    Director Development
    Diversity
    Effectiveness
    Entrepreneur
    Ethics
    Family Business
    Governance
    Guest Post
    Language
    Leadership
    Management
    Performance
    Phd
    Readings
    Research
    Research Update
    Societal Wellbeing
    Speaking Engagements
    Strategy
    Sustainability
    Teaching
    Time Management
    Tough Questions
    Value Creation

    Archives

    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    December 2021
    November 2021
    July 2021
    June 2021
    March 2021
    February 2021
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    November 2019
    October 2019
    July 2019
    June 2019
    May 2019
    April 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    August 2018
    July 2018
    June 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    December 2012
    November 2012
    October 2012
    September 2012
    August 2012
    July 2012
    June 2012
    May 2012
    April 2012
    March 2012

Peter Crow PhD CMInstD

Company director | Board advisor
© COPYRIGHT 2001–23. TERMS OF USE & PRIVACY
Photos used under Creative Commons from ghfpii, BMiz, Michigan Municipal League (MML), Colby Stopa, MorboKat
  • Home
  • About
  • Musings
  • Research
  • Contact