As 2015 comes to a close, it is a good time to observe how risk management has continued to mature and grow towards the fully legitimised business function that we at Protecht believe it should be. Looking back, 2015 has been a defining year for Protecht and the wider risk management community.
From the Protecht side, 2015 has seen us celebrate our 16th year, making us a relatively mature company in the risk management field! We have had our most successful year yet which has seen the addition of many new clients amongst a host of different industry sectors especially in the Government space. In turn, this has led to an exciting growth in our internal staff count.
Our clients are doing more exciting things in the Enterprise Risk Management (ERM) field, expanding the reach of our Protecht.ERM system into a wider process automation role such as contract management, rather than just the traditional areas like risk assessments, incident management and compliance.
From the wider industry perspective, there appears to be much more discussion around the tangible value adds of risk management rather than just minimising the “overhead” cost of maintaining the risk framework.
There is much more discussion around the opportunities that risk and risk management presents rather than focussing solely on the downside and, therefore, protection from risk. The three lines of defence governance model which continues to gain airplay has been challenged on the ground that it should include some element of attack, rather than just defend, recognising that it might be just as value destroying to take too little risk, rather than too much.
Risk management is being recognised more as a “management” concept, where the balance between risk and reward is the focus, rather than purely a risk minimisation function to the exclusion of the impact that has on reward.
We are expecting more of the same in 2016 as we see our clients continue to mature their risk management functions. We are also expecting to see a continued wider acceptance of risk management across all fields of business and government and expansion of ERM into all facets of day to day business and business processes.
This is summed up by a webinar we conducted during the year for the NSW Business Chamber entitled “Risk Management? Is it not just good management?” This trend was aptly demonstrated by one of our key clients during the year when they informed us that they were slowly removing the word “risk” from our system and given that Protecht.ERM was conceived as an Enterprise Risk Management system, we thought this was an interesting change! When asked why, they simply said “We don’t see risk management as a separate concept anymore, it’s just part of management.”
Here’s to a safe and Happy New Year and to looking forward to getting a step closer in moving risk management to its rightful place of just being good management.
Author of 'A Short Guide to Operational Risk', David Tattam is an internationally recognised specialist in all facets of risk management, particularly at the enterprise level. His career includes many years working with PwC, as well as two Australian banks. His achievements include the creation of the Middle Office (Risk Management Department) for The Industrial Bank of Japan in Australia and the complete implementation of all Australian operations, systems, procedures and controls for Westdeutsche Landesbank (WestLB).