• About us
  • Raising the Bar
  • Raising your Game
  • The Extra G - Geopolitical
  • Risk Matters - Roundtables
  • Leadership Team
  • Events
  • Blog
  • Contact
  • Menu

The Risk Coalition

  • About us
  • Raising the Bar
  • Raising your Game
  • The Extra G - Geopolitical
  • Risk Matters - Roundtables
  • Leadership Team
  • Events
  • Blog
  • Contact
Everything+is+connected+-+pexels-daria-shevtsova-1356300.jpg

Maintaining a dynamic approach to risk

February 11, 2021

If risk management was ever a theoretical exercise, the events of the last year have made it very real.  Covid-19 dominates of course but other factors – many of them interlinked with the pandemic – such as a global recession, supply chain risks, cyber threat and shifting attitudes towards social injustice and inequality also loom large. 

This environment highlights the fact that risks are not standalone and cannot be considered in isolation.  Their interconnectedness means that a static approach – with risk strategy reviewed perhaps once a year – is simply not enough.  A more dynamic approach is more important than ever. An approach in which risk and risk management are not viewed as back-up adjuncts to the business – but are continuously at the heart of strategic thinking and planning.

Our world has become a series of interlinking networks – of capital, foreign direct investment, financial instruments, supply chains, technology and communications, people and travel.  These networks change and heighten risks because they are interconnected.  The crystallisation of a small single risk event can create a rippling effect that causes much larger events to take place. 

Are an entity’s principal risks as clear as managing remote working and the impact of the pandemic on staff wellbeing?  Or would a more dynamic approach to risk assessment uncover more significant and strategic risks related to (say) the impact of increased global bifurcation between the US and China; an acceleration of the customer move to digital channels; or a growing emphasis on doing business locally?

 A dynamic approach to risk assessment has become a business imperative.  An approach built upon both network analysis to address the interconnectivity of risk; and the power of collective thinking to address some of the limitations of traditional models.  As Dr Andries Terblanche said in a recent KPMG Board Leadership Centre conversation about risk management, “extensive research has repeatedly found that, if you ask a diverse range of people about their views of the future, the results are always more accurate than the results of probabilistic models”.

Think about harnessing the people in the organisation who are likely to have the most accurate views about the future and future risks – the ‘super-forecasters’.  Think about how best to elicit their insights, both individually and collectively, around the principal risks facing the business.  Get them to help quantify the likelihood of each risk identified, along with the severity, velocity and interconnectedness. 

Done well and facilitated by the right AI and graph theory techniques, such an approach will give you the risk clusters and networks that reflect how the smartest people in the organisation think about the risks pertaining to it. 

Ultimately, however companies approach risk management, it should be dynamic, forward-looking and highly responsive.  It should map which other risks a given risk could trigger, and how rapid and severe the effects of that would be.  And it should be built into the very DNA of the business.

Timothy Copnell, KPMG Board Leadership Centre

Read  KPMG’s comment paper on the Risk Coalition’s principles-based guidance for board risk committees and risk functions in financial services, Raising the Bar.

Tags: Timothy Copnell
Prev / Next

Blog

Featured
Apr 15, 2025
Vera Cherepanova
The future of ESG: navigating a fragmented landscape
Apr 15, 2025
Vera Cherepanova
Apr 15, 2025
Vera Cherepanova
Mar 6, 2025
Mo Warsame, Gavin Hayes
Internal audit and risk management must work together to navigate uncertainty
Mar 6, 2025
Mo Warsame, Gavin Hayes
Mar 6, 2025
Mo Warsame, Gavin Hayes
Sep 4, 2024
Polly Williams, Mia Harris
Three key threats of phishing to be aware of
Sep 4, 2024
Polly Williams, Mia Harris
Sep 4, 2024
Polly Williams, Mia Harris
Aug 25, 2024
Felix Ritchie
Principles versus rules in data and corporate governance
Aug 25, 2024
Felix Ritchie
Aug 25, 2024
Felix Ritchie
Jul 16, 2024
Jane Hunter, Mia Harris
How can you maintain high standards in your business without suffering burnout?
Jul 16, 2024
Jane Hunter, Mia Harris
Jul 16, 2024
Jane Hunter, Mia Harris
Jun 2, 2024
Afshan Moeed
Enforcement of individual accountability in UK banking: a new boardroom recipe for change or continuity?
Jun 2, 2024
Afshan Moeed
Jun 2, 2024
Afshan Moeed
May 28, 2024
Craig Morris, Mia Harris
Three exciting new developments for AI in 2024 that you need to know about
May 28, 2024
Craig Morris, Mia Harris
May 28, 2024
Craig Morris, Mia Harris
May 24, 2024
Stefan Hunziker
The stuff of nightmares: risk management is shut down, and nobody notices
May 24, 2024
Stefan Hunziker
May 24, 2024
Stefan Hunziker
Mar 20, 2024
Neil Tinegate
What should boards know about digital technology?
Mar 20, 2024
Neil Tinegate
Mar 20, 2024
Neil Tinegate
Mar 15, 2024
Francis Kean
The insolvency risk for company directors - are you swimming naked?
Mar 15, 2024
Francis Kean
Mar 15, 2024
Francis Kean
Feb 29, 2024
Andy Watkins-Child
Are you sitting comfortably?  Cyber risk, board attestations and the implications for NEDs
Feb 29, 2024
Andy Watkins-Child
Feb 29, 2024
Andy Watkins-Child
Oct 24, 2023
Mamun Madaser
Risk management and internal audit should collaborate to navigate the poly-crisis of risk
Oct 24, 2023
Mamun Madaser
Oct 24, 2023
Mamun Madaser
Oct 18, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 2
Oct 18, 2023
Jim Watson
Oct 18, 2023
Jim Watson
Oct 13, 2023
Nisha Sanghani
Risk management and internal controls: much (needed) work to do as a result of the proposed changes to the UK Corporate Governance Code
Oct 13, 2023
Nisha Sanghani
Oct 13, 2023
Nisha Sanghani
Oct 9, 2023
Jim Watson
How to mitigate the risk of cyber security breaches – part 1
Oct 9, 2023
Jim Watson
Oct 9, 2023
Jim Watson