It is an organisation’s people and corporate culture that drive its risk management and strategy
It is an organisation’s people and corporate culture that drive its risk management and strategy. Easy goals, as Jay Chander, Partner with Barker Henley discusses
All organisations operate in an environment of economic uncertainty. Subject to a wide range of internal and external influences, they are exposed to varying degrees of uncertainty and risk and this can directly affect their ability to achieve objectives.
Risk comes in many shapes and sizes, and can come from many directions, both internally and externally. The internationally recognised benchmark, ISO 31000:2009, Risk management – Principles and guidelines defines risk as “the effect of uncertainty on objectives”. Much time and energy is spent managing risk presented by economic and commercial forces to ensure sustainable profitability and growth, but we shouldn’t forget the significant risks that relate to maintaining the internal capabilities of an organisation - its people or human resources (HR).
All activities in an organisation involve varying degrees of people interaction and risk. In fact, every activity an organisation engages in, every decision it makes or fails to make, involves people and carries an element of risk, as well as some opportunity. This does not mean that we shirk away from risk - risk is a normal and unavoidable element in any business. The very nature of business is about taking risk by investing resources for reward.
And while risk is inevitable, there is a critical need for organisations to identify, understand, prioritise and manage key risks with a pragmatic, integrated and coordinated approach. The long-term and sustained success of an organisation relies on two key factors, both closely aligned with strategic objectives:
ERM has traditionally not focussed sufficiently on the human element. Strategy, culture, morale, productivity and governance all have a significant human component and can all adversely affect an organisation’s performance and future. In fact, the HR component is critical to risk management because:
The HR function has a critical role to play in risk management. HR needs to identify and manage its people risks effectively if it is to contribute to an organisation’s success. There are many people-related risk exposures that can have a significant impact on an organisation’s objectives and reputation, including:
• People and corporate culture
Lack of proper people management and staff engagement, failure to recognise teamwork and collaboration.
So, what can we do to align HR with ERM?
About the author
Jay Chander is a Sydney-based Partner with Barker Henley. He is a commercially focused Chartered Accountant, business consultant, advisor, executive trainer and author with extensive executive-level experience, and leads an experienced team in risk advisory, internal audit and business consultancy.
All organisations operate in an environment of economic uncertainty. Subject to a wide range of internal and external influences, they are exposed to varying degrees of uncertainty and risk and this can directly affect their ability to achieve objectives.
Risk comes in many shapes and sizes, and can come from many directions, both internally and externally. The internationally recognised benchmark, ISO 31000:2009, Risk management – Principles and guidelines defines risk as “the effect of uncertainty on objectives”. Much time and energy is spent managing risk presented by economic and commercial forces to ensure sustainable profitability and growth, but we shouldn’t forget the significant risks that relate to maintaining the internal capabilities of an organisation - its people or human resources (HR).
All activities in an organisation involve varying degrees of people interaction and risk. In fact, every activity an organisation engages in, every decision it makes or fails to make, involves people and carries an element of risk, as well as some opportunity. This does not mean that we shirk away from risk - risk is a normal and unavoidable element in any business. The very nature of business is about taking risk by investing resources for reward.
And while risk is inevitable, there is a critical need for organisations to identify, understand, prioritise and manage key risks with a pragmatic, integrated and coordinated approach. The long-term and sustained success of an organisation relies on two key factors, both closely aligned with strategic objectives:
- an effective Enterprise-wide Risk Management (ERM) framework, and
- HR management.
ERM has traditionally not focussed sufficiently on the human element. Strategy, culture, morale, productivity and governance all have a significant human component and can all adversely affect an organisation’s performance and future. In fact, the HR component is critical to risk management because:
- People are the biggest sources of risk and most risk exposures include a human element – it is the people, their behaviour and actions that cause risk
- People are also critical in managing risk - it’s the people and their actions that mitigate risk.
The HR function has a critical role to play in risk management. HR needs to identify and manage its people risks effectively if it is to contribute to an organisation’s success. There are many people-related risk exposures that can have a significant impact on an organisation’s objectives and reputation, including:
- Organisational structure, processes and systems
- Critical skills and talent management
- Succession planning
- Values, ethics and leadership
- Compliance and regulation
• People and corporate culture
Lack of proper people management and staff engagement, failure to recognise teamwork and collaboration.
- Training and development
- Performance measurement
- Remuneration and recognition
- WH&S
- Business interruption, continuity and recovery
So, what can we do to align HR with ERM?
- Ensure that your organisation’s HR activities include HR risk management
- Align HR plans with the overall business strategy and risk framework
- Implement a common risk management framework supported by appropriate standards throughout the organisation
- Clearly define key roles, responsibilities and reporting relating to risk management throughout the organisation
- Implement robust HR risk mitigating controls and treatment plans to respond appropriately to HR risks
- Ensure that HR is part of the Executive management who is charged with designing, implementing and maintaining an effective risk management infrastructure
- Obtain independent and objective assurance on the effectiveness of HR risk program.
About the author
Jay Chander is a Sydney-based Partner with Barker Henley. He is a commercially focused Chartered Accountant, business consultant, advisor, executive trainer and author with extensive executive-level experience, and leads an experienced team in risk advisory, internal audit and business consultancy.