First Reference Talks

Discussions on Human Resources, Employment Law, Payroll and Internal Controls

You are here: Home / Business / Always-on risk and strategy management

By | 2 Minutes Read

Always-on risk and strategy management

always-on strategyI like the idea of “always-on” strategy and performance management, as discussed in a piece by members of the BCG consulting firm.
Always-On Strategy hardly mentions the word “risk”, but it’s there in a major way.
Consider this:

To increase the odds of success in today’s turbulent environment, leading companies are complementing their annual strategy-setting process with something more dynamic. We call it always-on strategy.
Always-on strategy gives companies a systematic way to scan for signs of disruption and explore unexpected changes to the strategic environment. Companies identify the most pressing strategic issues and regularly engage senior leaders in formulating a response.

Doesn’t this sound like risk identification, assessment, monitoring, and response?
Aren’t “issues” the same as risks?
Later, the authors say:

Always-on strategy complements the annual [strategy] process by giving senior leadership a regular forum in which to monitor and discuss issues that warrant continual attention, including those identified during the annual process and during the course of the year.

Isn’t this what we strive to achieve with risk management, addressing the issues that might affect the achievement of strategies and objectives?
But the authors see issue or risk monitoring as the responsibility of the Chief Strategy Officer:

The chief Strategy Officer (CSO) and the strategy team are ideally positioned to identify issues from the top down, both in the business units and externally. They can provide a structure and tools to capture and filter information from the broader organization.

CSO doing this instead of the CRO?
What does this mean?
If the language of strategy and issues resonates with leadership, use it instead of the technobabble of risk.
I met one CRO who reports to the CSO.
Is that a model that makes sense (in non-regulated industries – because the regulators have a risk-averse view of risk management)?
Maybe it does.
Maybe it allows and stresses an emphasis on achieving objectives instead of ‘managing risk’.
What do you think?

Latest posts by Norman D. Marks, CPA, CRMA (see all)

Share with a friend or colleague

Get the Latest Posts in your Inbox for Free!

Electronic monitoring

About Norman D. Marks, CPA, CRMA

Norman has led large and small internal audit departments, been the Chief Risk Officer and Chief Compliance Officer, and managed IT security and governance functions.

He retired in early 2013. However, he still blogs, writes, trains, and speaks – and mentors individuals and organizations when he can.

Footer

About us

Established in 1995, First Reference is the leading publisher of up to date, practical and authoritative HR compliance and policy databases that are essential to ensure organizations meet their due diligence and duty of care requirements.

Main Menu

Stay Connected