Tuesday, 23 June 2015


Nowadays no organization has absolute control over every aspect of its operations or reputation, from the smallest startup offering services through the internet to the complex supply chains of the largest companies. Risk management for these vital, complex extended enterprises that we rely on so much in our modern economies may be uncoordinated or inadequate.

We can read in the Extended Enterprise: Managing risk in complex 21st century organisations Executive Summary that up to 80% of operating costs today may originate from outside the organisation. This impacts in the intangible assets like the goodwill being remarkably more important appraising the value of companies. The amount of physical assets owned directly by companies has dropped in the past years, therefore the performance of extended enterprises in delivering that intangible value becomes more powerful. New information and communication technologies have facilitated the expansion of extended enterprises but have also introduced new risks that must be understood, considered and managed.

Several things need to be taken under consideration when addressing the risk in extended enterprises.

Modeling: Extended enterprise helps identify the ultimate location of risk across the network. It benefits the organisation by:
• Understanding the value chain through the system to develop performance and efficiency.
• Identifying key points in the network which control flows of information, physical goods or money so that risk and audit attention can be focused on these areas.
• Identify what can be controlled, what can be influenced and what can only be monitored.
• Improving the ability to be able to respond to external and internal shocks by understanding in advance what the effects might be
• Improving response times and reducing costs when dealing with an incident.

Building collaborative relationships: In the world of the extended enterprise, whether in the public, private or third sector, the risk of breakdown of relationships with customers, partners and suppliers deserves a higher profile. Increased outsourcing and use of external contractors tends to lead to a greater emphasis on the scope and rigor of contracts. The aim is to transfer risk and responsibility to the greatest extent and rely on the contract to allocate liability in the event of a break down. This approach can in itself be risky as the contract can only provide the financial and performance framework. It is unlikely to be able to influence integrated performance or softer but equally important aspects such as maintaining visions and values, culture, ethos and commitment. And it is the culture and values of an organisation that really drive excellent performance, not regulations and measures.
On the other hand there is significant potential for risk between leaders within industry sectors, possibly led by industry associations, to collaborate with each other to reduce overall supply risks and promote the long term health of the value chain in that sector.

Have a pro-active risk communication plan: As enterprises become more complex and diverse, it becomes increasingly difficult to ensure common linguistic understanding and interpretation of key messages. There is also a variety of new communications styles, including social media, which are difficult to control but impossible (and unwise) to ignore. Yet the need for clarity of communication becomes even more important: without it there is unlikely to be a uniform purpose, shared beliefs and ethics or a means to achieve assurance for all stakeholders.

Assurance in the enterprise: Direct supplier/partner relationships need a system of assurance that reflects the organisation’s risk profile. The assurance process should be structured (consistent and repeatable) agile and efficient. Automation which makes use of technological solutions may be the key to delivering such capabilities in some organisations. However other important elements include adopting a risk-based approach for categorising suppliers, ensuring that contracts give the organisation the right to audit and managing the relationship effectively.

I advice you to have a look to the before mentioned Extended Enterprise: Managing risk in complex 21st century organisations Executive Summary for a deeper and more extended information in the matter.

No comments:

Post a Comment