Skip to content

4 December, 2023

Advertise About Us
  • My Account
  • Subscribe
  • Log In
  • Log Out

Board Agenda

  • Governance
  • Strategy
  • Risk
  • Ethics
  • News
    • Categories

      • View All
      • Board Moves
    • FCA rules

      News round-up: this week in governance

      New FCA rules on ESG claims; psychologically safe board communications; IT and governance; how workers...

    • Proxy adviser warns LSE Proxy adviser warns LSE over governance

      Abolishing the public register of shareholder revolts ‘won’t stop capital providers exercising their democratic rights’,...

    • sustainability governance Sustainability governance is on the rise

      But despite greater corporate attention being paid to ESG, directors’ engagement with it is losing...

  • Insight
    • Categories

      • View all
      • Governance
      • Strategy
      • Risk
      • Ethics
      • Board Expertise
      • finance
      • Technology
    • purpose statement

      On purpose: crafting an authentic statement

      Purpose statements define how organisations align purpose and people. Here’s how to make a statement...

    • first-time CFO

      How to succeed as a first-time CFO

      The remit and responsibilities of the chief financial officer have changed, which can seem daunting...

    • ethical culture

      How to embed an ethical culture

      Business success depends on purpose—and therefore ethics—being the top item on any organisation’s board agenda.

  • Comment
      • View all
    • uk corporate governance

      Why UK corporate governance needs tightening up

      The LSE’s response to the government’s panicky U-turn on governance regulation is not helpful to...

    • faith in the UK Audit reform is essential to restore faith in the UK

      When it comes to understanding what attracts investors to a capital market, the London Stock...

    • U-turn on audit reform An uncomfortable U-turn on audit reform

      The government’s bonfire of the regulations expected for audit reform creates a source of uncertainty...

  • Interviews
      • View All Interviews
      • Podcasts
      • Webinars
    • reporting elements Boards urged to retain ‘beneficial’ reporting elements

      Although the government cancelled the requirement, resilience disclosures ‘cannot be wasted effort’, says senior auditco...

    • energy transition Collaboration is key to UK energy transition

      Communication, innovation and engagement are needed for the move to net zero, an expert panel...

    • helle bank jorgensen Helle Bank Jørgensen on governance, ESG and how board directors can become stewards of the future

      In spite of ESG toxicity in the US, she remains optimistic that companies are working...

  • Careers
      • View all
      • Selection
      • Board Moves
    • gender diversity study Academics criticise BlackRock gender diversity research

      Its methodology came under fire, with some critics also pointing out it was wrong to...

    • diversity of thought How to boost diversity of thought

      Companies benefit from diverse workforces, but also from having the input of different opinions and...

    • minority NED Number of minority NEDs drops

      Although there is some progress in diversity in other board roles, research suggests that boards...

  • Resource Centre
      • White Paper Downloads
      • Book Reviews
      • Corporate & Advisory Services
    • Risk Map: Top Risks 2024

      Control Risks' Top Risks for 2024 cut across the geopolitical, security, operational, regulatory, and cyber/digital...

    • A Director’s Guide to Conducting Internal Investigations 2023

      An internal investigation must be handled meticulously to avoid legal exposure, regulatory or criminal prosecution...

    • Spencer Stuart UK Board Index Highlights 2023 cover

      Spencer Stuart UK Board Index Highlights 2023

      The 2023 UK Spencer Stuart Board Index is a review of board composition and governance...

  • Events
  • Search by topic
    • Governance
    • Strategy
    • Risk
    • Ethics
    • Regulation
    • ESG
    • Investor Relations
    • Selection
    • Board Expertise
    • finance
    • Technology

Risk management lessons from the Covid-19 pandemic

by Julia Graham

Covid-19 has posed multiple challenges for risk management professionals. Agility, innovation and the ability to face uncertainty are key.

Businessman looking at Covid-19 risk management dashboard

Image: NicoElNino/Shutterstock

Throughout the Covid-19 pandemic, organisations and risk management professionals have responded in a variety of ways to limit the impact to their operations. Whilst some have reacted quickly, demonstrating robust leadership, flexibility and effective communication, others have struggled to do the right thing at the right time, putting additional pressure on their people, processes, and systems.

Leadership has been challenged by a lack of useful intelligence and data to support business decisions, leading to knee-jerk, short-term reactions. Some supply chains were caught off guard, with limited contingency plans for strategic sourcing options in an interconnected global crisis.

The Covid-19 pandemic is not a “black swan” risk. The black swan metaphor has promoted a mentality and sense of helplessness in the face of daunting threats and provided a cover for failing to act in the face of clear and present dangers.

Covid-19 and risk management challenges

People risk: At an operational level, many businesses’ processes were found wanting around the long-term business impact on office space; for example, the ability to supply home workers with laptops, monitors and basic office furniture to make working at home possible, safe and healthy. This scenario has escalated health and safety to “people risk management”, and as such, a higher profile of most organisational risk registers.

Supply chain risk: Decisions taken to achieve capital efficiencies can change the profile and shape of risks. Manufacturing plants consolidated into fewer, larger locations to leverage production cost savings, and a reduction of suppliers within supply chains to leverage discounting can collectively impact the business model and risk profile of an organisation. Changes may intensify location and supplier risk severity profiles and amplify risk aggregation through the connected effects of change. This will in turn impact business continuity and crisis management plans, which should be adjusted after running new scenarios, integrating holistic threat monitoring and event triggers, and modifying the level of readiness and agility required to respond. We anticipate a review of supply chain risks addressing the balance between global benefits and local controls.

Business continuity and crisis management: While Airmic members report a positive experience in terms of organisational crisis management response, and that as professionals they had the right competencies and mindsets to think and act at an enterprise level to deal effectively with the Covid-19 pandemic, they also reported a more critical role for risk professionals going forward and the supplementary knowledge and skills required to achieve this. This response was most notable in crisis management, in collaborative working generally, and in understanding the interconnectivity of different risks and engaging with business, specifically. Covid-19 has amplified the challenges of a siloed approach to risk management and clearly highlighted the challenges created by a disconnect between strategic risk and operational resilience and response.

The resilient organisation

Organisations that that have a culture of risk identification, scenario modelling and mitigation, as well as a system and culture encouraging them to “speak up”, are much better placed to respond to the fluidity of crises and to embrace innovation and the potential upsides of uncertainty.

Organisations that that have a culture of risk identification, scenario modelling and mitigation are much better placed to respond to the fluidity of crises

These organisations derive the strength of their culture from the tone set from the top, through visible executive support, through an active risk leadership and by demonstrating the value of risk in decision-making.

The resilient organisation requires significant board-level support but achieving and maintaining resilience and successful digital transformation is even more challenging. Research by Airmic has identified eight requirements for achieving resilience and digital transformation:

  1. A risk radar that is focused on emerging risks and developments in technology
  2. The resources and assets to be able to take full advantage of developments in technology
  3. Relationships and networks that are constantly developed and extended
  4. Rapid response supported by excellent communication within the organisation
  5. The ability to review and adapt to events to protect and enhance reputation
  6. Redesigned processes that embrace new technologies and encourage innovation
  7. Retention of stakeholders during the transformation by analysing big data
  8. Reinventing purpose by opportunity awareness, commitment and capabilities.

Corporate purpose is a way to express the organisation’s impact on the lives and objectives of its stakeholders. At no time has this been more critical than during the Covid-19 pandemic. A clear purpose inspires the organisation’s people to do good work. It can be an effective way to align effort across the organisation towards achieving a common goal. However, in a more socially connected and aware society, it is increasingly seen as a talent retention and recruitment selling point.

The pandemic risk effect

The onset of the Covid-19 pandemic challenged organisations and their leaders unlike anything else in recent memory. Many business leaders had to make decisions of strategic importance in real time, knowing that the impact on their employees and stakeholders could be extraordinary. Few decisions will have been perfect, and those made quickly and amid a panic-inducing global emergency will almost certainly require some adjustments.

As the crisis moves along, leaders need to take the opportunity to pause, record and reflect on the lessons learned. They need to avoid hard-to-reverse outcomes that may be regretted and ensure that what follows is designed and driven so that this is better. However, it is tough to look longer term when the crisis timeline loops back because of further pandemic spikes, as we all want to move towards a form of “normality” and economic recovery.

Alignment of risk intelligence and strategy

Dealing with long-term, rising-tide crises such as pandemics is not something that current organisational resilience has been set up to manage. Top management and risk professionals will need to be comfortable dealing with uncertainty, allowing them to better identify opportunities and threats, and rise to the occasion.

Organisations tend to focus on threats associated with the business environment, where materiality is clearest due to shifts in customer demand and the competitive landscape, and where they have more control over their choice of direction.

Top management and risk professionals will need to be comfortable dealing with uncertainty

Decisions taken by an organisation to achieve capital efficiencies can change the profile and shape of risks. Post-pandemic, manufacturing plants consolidated into fewer, larger locations and a reduction of suppliers within supply chains could collectively impact the business model.

Changes may intensify location and supplier risk severity profiles and amplify risk aggregation through the connected effects of change. This will in turn impact business continuity and crisis management plans, which should be adjusted after running new scenarios, integrating holistic threat monitoring and event triggers, and modifying the level of readiness and agility required to respond.

In practice, although a robust discussion of principal risks would also likely capture high-impact/ low-probability risks such as a pandemic, few organisations currently have a formal process for identifying these risks or can specify how they apply this in practice.

While the approach for these risks should be analytical, it should also be creative and pragmatic, reflecting the complexity of uncertainties to secure buy-in and actionable results. Often there are no right answers. Assessing probability is notoriously challenging for these risks and creating angst over doing this can act as a distraction.

Risk management beyond Covid

There is a host of risks that are visible and predictable and that businesses subconsciously choose to ignore. Big problems, such as impacts from a pandemic, are often neglected until it is too late.

Based on discussions with Airmic members, there is a tendency for organisations to manage risk in business silos and for senior leaders to play down high-impact/low-probability risks until they are on the risk register. Most resource assigned to managing risk continues to be focused on neartime, downside risks, rather than risks further out on the horizon.

A crisis may overtake an organisation before the risks have been fully understood

As the complexity of the world continues to increase, the pace of change heats up, further spikes of the pandemic potentially occur and recovery collides with further crises, these risks cannot be a strategic afterthought as we return to whatever “normal” might look like.

The frequency of risk assessment, analysis and response should be a function of how fast risks are changing and the level of their materiality, rather than be determined by traditional institutional administrative cycles. The dynamics of crisis management are different, and a crisis may overtake an organisation before the risks have been fully understood and the response options properly calibrated.

Risk professionals can have a role to ensure that strategy, tactics, and operations are fully synchronised and mindful of unanticipated eventualities. Organisations must move faster, drive innovation, and adapt to and shape their changing pandemic and post-pandemic environment. The key to successful agility is for risk professionals to develop new mindsets, for their competencies to move at the same pace and for them to operate as part of an integrated and collaborative team.

Julia Graham is deputy CEO and technical director at Airmic, the UK association of insurance and risk managers.

Related Posts

  • Battle of the boards: risk, ESG and two-tier board structures
    April 22, 2022
    Board risk meeting

    There is an inherent conflict of interest between main and executive boards, with two different time horizons and two different risk impacts.

  • Top stories of 2021: purpose and transformation amid the pandemic
    December 22, 2021
    Coloured lines unite to form red arrow

    Philosophical questions about corporate purpose and transformation joined ESG, diversity and AI as the thought-provoking themes of 2021.

  • Executive pay, sustainability KPIs and the climate crisis
    December 1, 2021
    CSO with green tie and leaf in his top pocket

    Linking KPIs to sustainability targets results in complexity. A focus on corporate purpose is a better way to tackle climate change.

  • Steps for a smooth and successful CEO transition
    January 18, 2022
    New CEO sitting in his office

    A succession plan is only the start: an effective CEO transition requires clear KPIs, objective assessment and ongoing board support.

For thoughtful journalism, expert insights on corporate governance and an extensive library of reports, guides and tools to help boards and directors navigate the complexities of their roles, subscribe to Board Agenda

board risk oversight, coronavirus, crisis management, Julia Graham, resilience, risk, risk management, strategy, supply chains

Search


Sign up to our Newsletter

Receive independent news, thoughtful journalism & expert insights about leadership, corporate governance & key boardroom issues straight to your inbox every week.

SIGN UP

Follow Us





Most Popular

  • Why UK corporate governance needs tightening up
  • Sustainability governance is on the rise
  • Proxy adviser warns LSE over governance
  • How to succeed as a first-time CFO
  • News round-up: this week in governance

Featured Partner Profile

Diligent

Diligent

Diligent Corporation, which was founded in 2001, is headquartered in New York, NY with a European HQ in London. Diligent’s modern governance platform empowers leaders and teams at every level of the organisation to digitally transform and create ...

Featured Partner Resources

Leadership ESG

Leadership in ESG Integration: a study into UK board oversight, implementation and disclosure

This research report is based on detailed response...
The Engagement Appeal: The Path to Inclusive Investor Engagement

The Engagement Appeal: The Path to Inclusive Investor Engagement

This is the inaugural white paper from The Engagem...
Mazars c-suite 2023

Mazars C-suite barometer 2023

The Mazars C-suite barometer is based on responses...

Stakeholder Engagement: A Roadmap for UK Plc Boards

This guide aims to provide directors and their col...

Digital Boards: How Technology Adoption is Driving Culture Change and Resiliency

Digital tools proved their worth to boards during ...
Leadership in AI report

Leadership in AI

This report from Board Agenda and Mazars, in assoc...

A Director's Guide to Conducting Internal Investigations 2023

An internal investigation must be handled meticulo...

ADVERTISE – FREE CORPORATE LISTING

FREE - Add your company profile to our Corporate & Advisory Directory.
ADD

ADVERTISE – PROMOTE YOUR REPORTS & WHITEPAPERS

FREE - Add your company profile to our Corporate & Advisory Directory.
Add Resource

Register Free

Register to receive free article views, selected resource downloads, and all the latest news alerts straight to your inbox. Register


  • Editors & Contributors
  • Editorial Advisory Board
  • Corporate & Advisory Services
  • Media Marketing Solutions
  • Contact Us
  • Careers
  • Board Director Network
  • Terms & Conditions
  • Privacy Policy
  • Cookies
  • Sitemap
|

Copyright © 2023 Questor Media Group Ltd.

  • Terms & Conditions
  • Privacy Policy
  • Sitemap