We recently held a roundtable event in Toronto where we welcomed risk management professionals from across many industries including transportation, utilities, engineering, energy and construction. It was a great chance to discuss amongst peers how we apply the risk management discipline, sharing best practice and ideas. What made our event unique was our cross-industry approach – unlike many events which are often business specific.
We were delighted with the feedback received – attendees stated that they had gained real value from being able to discuss just the topic of risk in open conversations and how they approach and manage it within their organisation. Many were risk managers already working on large scale, high profile $3-5bn enterprise projects, where poor risk management can have a huge impact on costs and reputational damage. Indeed a number of the organizations attending were part of the same supply chains helping to deliver major programmes in Canada and they found it extremely helpful to be able to discuss risk across major consortiums without the constraints often imposed by contracts and the formality of structures programme meetings.
Reflecting on the event we found that there were five issues that emerged from the discussion.
The risk management process and reporting
The first was simply that the opportunity to share best practice was welcomed – how others approach risk management in their organisations, the challenges and the successes that they have achieved.
Another common theme was the Request for Services Proposal documents and the type of statements about risk that are built into major project tenders. While project owners may include a brief section on the need for contractors having robust risk management processes, when the owners ask these same contractors to report on risk management, they find themselves unable to deliver the detail that is required.
What is evident is that it needs to be clear upfront what is expected from a risk management process by the owners and that means articulating this from the start, through the contractor network.
Setting out standards
Out of this came the third notion of creating a consortium to manage risk – setting out standards of how risk would be managed and reported against. Creating clear standards in this way would also enable contractors to match their competencies against the risk management practices and performance levels outlined.
Indeed, representatives from two major contractors at our event shared the view that having a robust risk process in place is what differentiates them from others and gives a competitive edge.
It’s a board level issue – not just for risk managers
The fourth take out was that it is becoming increasingly commonplace for business leads to report on risk management to the board. So, not only is it on the board agenda, it is now being owned by the heads of each business line reporting performance to the board and not by the risk team.
Finally, as part of the objective of increasing risk maturity within their organisations to deliver increased value, risk managers are taking the bull by the horns and leading as educators on the importance of risk management to their organisations. To achieve the relevant understanding of the importance of risk-based discussions across the business we are seeing the risk teams bring in legal advisors, consultants and cross-functional teams to increase awareness and train departments and board members on risk management and the significance of this to the health and wealth of the company.
There is no doubt that there already is a degree of maturity in risk management in large, project-based organisations. But importantly, today risk management and risk managers are no longer operating in a silo in the company. Risk Management is starting to become an enterprise concern.
We will be exploring some of these themes in future articles and, of course, look forward to holding more similar events in the future.