Nowadays no organization has absolute control over every aspect of its operations or reputation, from the smallest startup offering services through the internet to the complex supply chains of the largest companies. Risk management for these vital, complex extended enterprises that we rely on so much in our modern economies may be uncoordinated or inadequate.
We can read in the Extended Enterprise: Managing risk in
complex 21st century organisations Executive Summary that up to 80%
of operating costs today may originate from outside the organisation. This
impacts in the intangible assets like the goodwill being remarkably more
important appraising the value of companies. The amount of physical assets
owned directly by companies has dropped in the past years, therefore the
performance of extended enterprises in delivering that intangible value becomes
more powerful. New information and communication technologies have facilitated
the expansion of extended enterprises but have also introduced new risks that
must be understood, considered and managed.
Several things need to be
taken under consideration when addressing the risk in extended enterprises.
Modeling: Extended
enterprise helps identify the ultimate location of risk across the network. It
benefits the organisation by:
• Understanding the value chain through the system to develop performance and efficiency.
• Identifying key points in the network which control flows of information, physical goods or money so that risk and audit attention can be focused on these areas.
• Identify what can be controlled, what can be influenced and what can only be monitored.
• Improving the ability to be able to respond to external and internal shocks by understanding in advance what the effects might be
• Improving response times and reducing costs when dealing with an incident.
• Understanding the value chain through the system to develop performance and efficiency.
• Identifying key points in the network which control flows of information, physical goods or money so that risk and audit attention can be focused on these areas.
• Identify what can be controlled, what can be influenced and what can only be monitored.
• Improving the ability to be able to respond to external and internal shocks by understanding in advance what the effects might be
• Improving response times and reducing costs when dealing with an incident.
Building collaborative
relationships: In the world of the extended
enterprise, whether in the public, private or third sector, the risk of
breakdown of relationships with customers, partners and suppliers deserves a
higher profile. Increased outsourcing and use of external contractors tends to
lead to a greater emphasis on the scope and rigor of contracts. The aim is to
transfer risk and responsibility to the greatest extent and rely on the
contract to allocate liability in the event of a break down. This approach can
in itself be risky as the contract can only provide the financial and
performance framework. It is unlikely to be able to influence integrated
performance or softer but equally important aspects such as maintaining visions
and values, culture, ethos and commitment. And it is the culture and values of
an organisation that really drive excellent performance, not regulations and
measures.
On the other hand there is significant potential for risk between leaders within industry sectors, possibly led by industry associations, to collaborate with each other to reduce overall supply risks and promote the long term health of the value chain in that sector.
On the other hand there is significant potential for risk between leaders within industry sectors, possibly led by industry associations, to collaborate with each other to reduce overall supply risks and promote the long term health of the value chain in that sector.
Have a pro-active risk
communication plan: As enterprises become more
complex and diverse, it becomes increasingly difficult to ensure common
linguistic understanding and interpretation of key messages. There is also a
variety of new communications styles, including social media, which are
difficult to control but impossible (and unwise) to ignore. Yet the need for
clarity of communication becomes even more important: without it there is
unlikely to be a uniform purpose, shared beliefs and ethics or a means to
achieve assurance for all stakeholders.
Assurance in the enterprise: Direct
supplier/partner relationships need a system of assurance that reflects the
organisation’s risk profile. The assurance process should be structured
(consistent and repeatable) agile and efficient. Automation which makes use of
technological solutions may be the key to delivering such capabilities in some
organisations. However other important elements include adopting a risk-based
approach for categorising suppliers, ensuring that contracts give the
organisation the right to audit and managing the relationship effectively.
I advice you to have a look to the before mentioned Extended Enterprise: Managing risk in complex 21st century organisations Executive Summary for a deeper and more extended information in the matter.
No comments:
Post a Comment