BT Group plc manages enterprise wide risk using
Active Risk Manager


BT Group plc, trading as BT, is a British multinational
telecommunications services company with operations in
around 170 countries. Through its BT Global Services
division it is a supplier of telecoms services to corporate
and government customers worldwide, while BT Consumer and BT Business are suppliers of telephony, broadband and subscription television services in GB.


Like all businesses BT is affected by risks and uncertainties, impacted by external and internal factors. The organisation needs to manage risk to meet its objectives, build shareholder value and promote its stakeholders’ interests. The company has in place an Enterprise Risk Management (ERM) framework, underpinned by Active Risk Manager (ARM) from Sword Active Risk.


All the lines of business within BT are required to manage risk within the framework, identifying and responding to the key risks to their business and recording them within the ARM application.


An early partnership approach


The partnership that exists today started as an early pilot project with Sword Active Risk (previously Strategic Thought Group) in 2003. At the time BT’s Global Services division deployed ARM for one of its major government contracts. Following the success of this early programme, ARM was soon rolled out more widely across the division for other key programmes.


Stephen Tait, Compliance Manager BT Group explains; "When BT wins a new business contract, it is often the case that different parts of the business are required to play a part in its delivery. This includes our BT Technology, Service and Operations (TSO) division which in many cases delivers services for such contracts, drawing upon other departments within the business. Having a robust mechanism to allow us to manage risks across teams is very important."


Implementing an Enterprise wide Risk Management framework


At a more strategic level, BT’s focus has been on implementing an enterprise-wide risk management framework.


According to Stephen Tait; "We conducted a feasibility study of how risk was managed across the organisation and found that there was an opportunity to move our lines of business onto a common risk management system. We worked with colleagues across BT to have ARM adopted and recognised as the standard approach for enterprise risk across the organisation, working with Active Risk to provide guidance and training as required. In doing so we are now able to aggregate risk across the whole organisation and break down the risks from different viewpoints."


Ease of use ensures widespread adoption


Introducing ARM has supported BT in its objective to roll out common templates across the business, ensuring consistency of data and methods.


"Due to its flexibility, ARM enables us to make changes ourselves in a structured way to meet our own requirements. Without too much effort we are able to create a format (record types) to suit different departmental work practices while keeping within our risk policies, getting more buy-in from the end users. This ensures that different parts of the business receive the templates and reports formatted in a way to suit their individual requirements. It means that the recording and reporting of risk is more thorough, but less people intensive," said Stephen.


"Once people started to understand what ARM could do and the benefits it offered, we started to see an increase in interest and demand across the BT business units. In fact, we are now in a position where the users are driving our evolution of ARM as much as the central risk team.


"ARM Lite has provided an ease of access for line of business staff and non-risk specialists which is of great benefit. It means that risk management can be built into their daily work, even used in conjunction with such applications as Microsoft Outlook. The full ARM solution can be used by the true risk professionals, providing an aggregated view for highly complex reporting and analysis, while ARM Lite can also be used with less in depth knowledge – ARM can be adapted to the differing requirements of the end user," said Stephen.


Helping to meet Compliance and Governance Requirements


The flexibility of ARM is now delivering more benefits to BT, as it is adopted for more specialised functions including governance and compliance.


Mike Thirlaway commented; "BT’s aspiration to taking an integrated approach to the wider GRC functions is testament to its commitment to managing risk and compliance across the organisation for the benefit of all stakeholders including customers, investors, partners and staff."


"ARM is an integral part of how we manage risk in BT. The value of having a single repository of the organisation’s risks is significant. Our focus now is on maximising the benefits the tool provides to help us meet our customer and contract obligations and give us further assurance that financial and reputational risks are securely managed.


"As a supplier, working with Sword Active Risk is easy. We have a trusted account manager that we have worked with for several years which means they understand our business and are able to help us to meet our risk management goals," concluded Stephen Tait.



Download the case study