The Institute of Risk Management South Africa (IRMSA) is looking forward to the launch of their IRMSA South Africa Risk Report 2020 in February this year.
This will be the sixth edition of this report and looking back over the past five editions it is disappointing to see that so many risks have materialised.
Disappointing because first, the South Africa and Industry risk profiles have remained largely the same and most of them materialised over this period – so the risks were well known and yet the risk responses were overall ineffective.
Looking ahead, risks that are making its way onto the South African and Industry risk radar are climate change, which has sporadically been included on South Africa’s risk profile, social disobedience, and pressure on South Africans’ Chapter 9 institutions, which include the Public Protector and the South Africa Human Rights Commission.
South Africa needs effective Chapter 9 institutions who uphold and enhance democracy on our behalf. IRMSA believes that a strong, ethical and independent leadership that visibly holds key role players accountable within the roles they have been voted into, is needed.
While the risk profession in South Africa isn’t lagging behind its international peers, board members, executive committees and CEOs of South African organisations should expect more from their risk managers.
This is however a “Tango” – Business must actively involve their risk managers (not just expect of or enable them to tick the boxes), and to actively be exposed to the business-critical information so that they can bring value to decisions.
Internationally, a risk manager will not be appointed if they cannot add value to the organisation’s performance. Risk managers are expected to confidently comment on the strategy and performance of an organisation and contribute to the company’s agility by delivering quality, timeous and relevant information.
Local companies should demand more from risk managers, and we should deliver.
For example, a risk manager with quantitative analytics skills who takes this approach can be more predictive and support the business’ strategy with alternative futures, which will lead to better decision-making. If businesses know what their options are and these options have been quantified, it gets easier to make the right decisions.
The risk manager who adds the most value to an organisation’s performance is the one who has accepted the notion that risk is about the future and that uncertainty is not confined to a risk register but that the integration of strategy, risk and resilience is a critical next step, if not already adopted.
Reflecting on the risks that have materialised over the past five years, many things have to be done differently. The first is ethical leadership, accompanied by pervasive and persistent accountability and consequence management. A very critical paradigm shift required by leadership is that risk responses that were effective in the past are not guaranteed to address the risks and opportunities of the future.
Thriving in a dynamic environment
There are three key requirements for companies to do more of the good, less of the bad and grow resilience to thrive in an ever-changing landscape.
Firstly, everyone needs to start talking about strategy, risk and resilience. Secondly, we need to clearly understand who our stakeholders are, the rules they play by, and the context in which this will happen. Lastly, organisations will need more agility and robustness in their governance processes.
Christopher Palm is the Chief Risk Advisor at the IRMSA.