When Managing Risk- Change Matters
One of the main drivers of my success over the years has been the ability to “change”. If you look around you, change is everywhere. In fact it is the only constant in life. Everything changes whether we like it or not, just as in the picture showing the new Seoul Train Station and the old one in the background.I’ve been fortunate enough over my career to adapt to change-whether by changing my law practice or by changing my location or even changing my perception of myself. In several instances, I even changed countries of residence. All the change in my life has contributed to what success I have achieved.
Change in careers happens if one is willing to grow and experience new avenues of life. I started out as a public defender in Florida and ended up as the general counsel of one of the largest consumer electronics companies in the world. I never expected I would end up as a general counsel of a major company, but I did grasp the willingness to change.
Change not only happens in life but in the workplace as well. For instance, risk managers must always be on the lookout for change. As business changes so do risks. As laws change so do the legal and regulatory threats. As a company’s appetite for risk changes, so does the management of risk. In essence, managing risk is not static- it is always evolving and always changing.
The concept of risk itself has changed over the years. Twenty five years ago, risk management was not perceived as a vital function in many organizations. Sometimes companies lumped risk management in with service or QA. But as the perception of risk has evolved along with compliance and SOX related laws, rules and regulations, risk is now deemed a major part of a company’s management structure. Loss control is now front and center as companies seek to control assets and maintain profitability in a very troubled and unpredictable business climate. In fact, many companies are now discussing Enterprise Risk Management (ERM) as if it a new concept.
Those organizations that perceive the need for a robust risk management function are most likely to weather the storm of litigation, fines, audits and investigations facing most companies today. Crisis management (part of risk management) is now front and center in many large organizations as well. Companies are now realizing that the perception by the public is far more important than the facts. Social media has created such a flat world that companies have little time to marshal the facts before the public has made up its mind as to who is at fault. How do you manage that crisis? When does an event become a major crisis or when does it evolve into one? How has it changed over the last few years and why? All concepts of risk are subject to change as are standard processes for identifying and eliminating risk. Metrics used 30 years ago are no longer valid in many cases. In fact, certain financial metrics used prior to 2008 may no longer be applicable. A company’s PR department is no longer capable of handling the media like it did in the past. Companies are now using third party risk management and crisis management consultants at a greater rate than before, which is understandable as the times have “changed”.
To handle risk and all of the consequences that it entails in an effective manner requires the willingness to embrace change. Companies must be willing to change their concept of risk and how to address it. Risk managers, lawyers and executive management must be willing to change risk management processes that may have been set in stone years ago. They must be willing to change not only how they perceive risk but how they handle risk.
Yes, change is everywhere.