Embracing complexity with value-based risk management
Issue 1, 2016
Risk
Reaching strategic goals in times of uncertainty

In the current environment uncertainties seem to be everywhere, making strategic planning more difficult than ever. Many companies use enterprise risk management (ERM) as a proven framework for managing risk. However, businesses are now looking to improve their track records when it comes to understanding and overcoming unwanted events. In this article the authors explore issues related to risk management and how the 6C framework can help.

The principles of risk management are well-established across large businesses, which clearly recognize that they need to manage uncertainty in order to meet their strategic objectives. This has never been more so than at present. Increasing industry convergence, accelerating technological disruption, and ever-higher ethical and social standards add further degrees of complexity to the mix.
Enterprise risk management (ERM) is a widely-adopted framework used to manage the full range of corporate risks. In a recent survey focusing on the energy and resources industry1 , 82% of respondents indicated that they had some form of ERM system in place. However, despite the prevalence and maturity of ERM systems, companies are still regularly caught out by significant unwanted events, sometimes catastrophic in nature, leading to loss of life or destruction of the business. Indeed, so-called ”black-swan“ events are less rare than is sometimes perceived, as we showed in a previous Prism article that predated the Deepwater Horizon drilling rig explosion2 . More recent examples include the highly publicized use of engine management software by Volkswagen to pass emissions tests. Strategies that expose an organization to risk in order to achieve an objective are common – but in this case it appears that the significance and/or likelihood of the unwanted event were underestimated.
As companies face a future of increasing uncertainty, disruption and complexity, it is therefore reasonable to ask whether current approaches such as conventional ERM are really still up to the job. Based on recent work in risk management with a range of global companies, we believe there are some practical ways to significantly improve the effectiveness of corporate risk management approaches: collectively, we call this value-based risk management (VBRM). In this article we explore issues related to such risk management and how VBRM approaches can help.