One of the main drivers of my success over the years has been the ability to “change”. If you look around you, change is everywhere. In fact, it is the only constant in life. Everything changes whether we like it or not. I’ve been fortunate enough over my 40 year career to change-whether by changing my law practice or by changing my location or even both. In several instances, I even changed countries of residence. All of the change I have gone through has contributed to what success I have achieved.
Change in careers happens if one is willing to grow and experience new avenues of life. I started out as a public defender in Florida and ended up as a general counsel of one of the largest consumer electronics companies in the world. I never expected I would end up as a GC, but I did grasp the willingness to change.
Change not only happens in everyday life but in the workplace as well. Risk managers must always be on the lookout for change. As business changes so do risks. As regulations change so do legal threats. As employees change or as a company’s appetite for risk changes, so does the internal management of risk. In essence, risk is not static- it is always evolving and always changing. So the management of risk must change as well.
The concept of risk itself has changed over the years. Twenty five years ago, risk management was not perceived as a vital function in many organizations. Sometimes companies lumped risk management in with Insurance, Service or QA. But as the perception of risk has evolved along with compliance and SOX related laws, rules and regulations, risk is now deemed a major part of a company’s management structure.
Those organizations that perceive the need for an up to date robust risk management function are most likely to weather the storm of litigation, fines, audits and investigations facing most companies today. Crisis management (part of risk management) is now front and center in many large organizations as well. Companies are realizing that the perception by the public is far more important than in many cases the facts. How do you manage a crisis? When does a serious event become a crisis? How has crisis management changed over the last few years and why? How has compliance changed? All concepts of risk are subject to change as are standard processes for identifying and eliminating risk. Metrics used 20 years ago are no longer valid in many cases. Look what happened in 2008.
To handle risk and all of the consequences that it entails in an effective manner requires the willingness to accept change and in many cases to seek change out. Companies must be willing to change their concept of risk. They must be willing to change processes that may have been set in stone years ago. They must be willing to change not only how they perceive risk but how they address risk.
Yes, change is everywhere.