If the financial crisis has taught us one thing, it is that an unknown risk is an unmanaged risk. And far too many risks were simply off organizations’ radar. Regulatory focus is also increasingly on operational risk and enterprise risk. Many supervisors say these are the biggest risk category firms in general are now facing, and for regulated businesses, frameworks such as Solvency II and Basel III are heightening the importance of a structured approach.
Boards and the C-suite are realising the value that operational risk measurement and management, as well as enterprise risk management, offers as they seek to fulfil their businesses’ strategic goals.
To support this intelligent system support is needed enabling organizations to establish a framework for operational risk or enterprise risk based on their actual risk appetite which does not only include the known knowns. Risk managers need to be enabled to analyse any captured risk related information, thus the corporate risk intelligence, through the lenses of their organization’s various structures and reporting lines, so that both the cause and effect of ‘a risk’ can be fully understood. Reporting – whether it is on-screen, ad-hoc, or in a formal format – helps risk executives communicate their organization’s risk position to the business, senior management and the board. Such a pro-active risk management approach will empower executives to actively manage risks across the business, track the tasks others are expected to perform and report status to key stakeholders. The information contained within a central risk intelligence database can be linked to key deliverables in an organization’s risk appetite framework, enabling a holistic approach to measuring and managing risk.