Play Up – Take on the Role of a Risk Architect
Authored By:
Mark Bennett – Founder of the Risk Innovation Group
Jack Ogutu – Millersville University, Associate Professor & OSEH Program Coordinator, Dept. of Applied Engineering and Safety & Technology
Richard Olawoyin – Associate Professor of Industrial and Systems Engineering at Oakland University
“Playing Up” is common in the world of travel sports. Coaches attempt to gain advantage by putting their players against stronger, quicker and more competitive opponents. By playing up the team is learning from a more complex and challenging environment. This experience then allows them to compete at a higher level as they move back into their normal environment.
Traditional Risk Managers (TRM) can value from “Playing up” in the Enterprise Risk Management (ERM) space. Stepping into the ERM space forces TRMs to acknowledge that their area of risk is only one piece of the larger organizational risk puzzle and it brings attention to important obstacles and relevant connections.
As risk is the central theme in organizations, ERM sets the stage for all process areas, organizational obstacles and opportunities to be managed with structure and business savvy. It recognizes that there are no free passes (excuses) to meeting objectives and there needs to be a basic level of accountability and a PLATFORM THAT SUPPORTS STAKEHOLDER SUCCESS.
In the ERM world, the Chief Risk Officer (CRO) is designing a risk map to support common language for the entire organization. The role of “Risk Architect” is built into their job description. Although organizations develop business silos [dedicated departments or functional areas] for good reasons, this “Built in Separation” makes it difficult for upstream, downstream and lateral communication. The CRO uses his/her architectural work to make connections (within business silos and across silos) that feed to efficiency and consistency in getting time & resources to where they are most important.
By playing up and putting design work into broader connections (functioning like an architect), TRMs will introduce immediate value to their process area and set the stage for more and better. By doing this, the TRM’s process area can serve as the landing spot for a broader ERM platform.
Risk Architecture – Your Role as a Risk Leader
Architects see the big picture. They don’t simply design 4 walls and a roof. They create the “Total Environment” that creates functional spaces that satisfy the needs in which people live and work. In the risk space, the CRO functions much the same way and “this role” (risk architect) is foundational to what they do.
Those who work in the Traditional Risk Manager space typically do not think in terms of risk architecture. In this section of the organizational risk puzzle, [hazard risk], policies and regulatory compliance is the focus. Although a piece of the puzzle, TRMs typically “incorrectly” start with the tactical and overlook needed “Risk Architectural Work”. The end result is that the tactical overwhelms them, more global natural connections are missed and important and valuable opportunities do not get advanced.
Traditional Risk Leaders can add significant value to their process area by “Playing Up” and taking a page out of the CRO’s book by building this strategic role (risk architecture) into their foundational job responsibilities.
Design for the Broader Risk Challenge
The irony is that when TRMs step out of “The Bubble” of their process area (pure risk) to understand the bigger picture that risk plays in the organization, they are already taking on the role of an architect. Put these thoughts and instincts to action and design your process area with the bigger risk challenge in mind.
Silos and politics are real in organizations. Your first role as a Risk Architect is to recognize these challenges and look at them as an opportunity. These are areas that “Never Even Get Brought Up” in organizations as obstacles. Without focus, these areas can be the single biggest contributor to bad cultures and poor outcomes. Acknowledge that silos & politics are a natural part of business environments and put design work into permeating these barriers.
Next, start designing strategic operational structure . Design in structure and logic to how your risk system will operate. Consider all organizational process areas and how important connections will be made. Consider how you will get groups of people on the same page (your 3 lines of defense). Consider the overwhelming amount of risk and how the data will be captured, organized ( risk Register), analyzed and used for making effective decisions that generate productive outcomes.
The next step is building your strategic Risk Assessment Process. Design a process that is robust enough to handle any risk/problem an organization faces. Design a standardized platform that puts structure to identifying, assessing and mitigating risk that can be consistently applied. Design this platform with an effective rating process so apples to apples comparisons can be made to allocate resources to where they are most important within silos and across silos.
Architects typically have tools/software that guides their process and design work into “Plans” that pull “everything and everybody” together. CROs use tools as well. If they are not using Enterprise Risk Management software, they will typically use standard Excel or Access to memorialize, drive processes and manage the data and controls to establish repeatable structure. As TRMs are memorializing their success, the blueprint can be as simple as an “Excel Workbook” that puts logic to time & resources and continuity to processes.
Traditional Risk Leaders are in the perfect position to support the CFO and executive team in a broader capacity. Play Up; think bigger than your process area. As a leader experienced in dealing with risk you have an incredible opportunity and are most qualified, most responsible and most required to move the organization to a more standardized process to deal with the global risk it faces.
Executive Risk Resources
Risk Innovation Group (RIG) is a company that specializes in Management & Risk Consulting that is focused on THE DESIGN OF RISK SYSTEMS AND EXECUTIVE RISK RESOURCES that enables risk leaders to operate strategically.
Mark Bennett
Founder & President