Gartner’s Top 10 Factors for Integrated Risk Management Success
Sep 20th, 2017
I just read Gartner’s Top 10 Factors for Integrated Risk Management Success (here). We have discussed Gartner’s reports (here) and proposed techniques (here) in the past. This time around it is great to see such a convergence of opinions with the philosophy and concepts we have developed over the last twenty years. They constitute the fundamentals to produce and then successfully deploy ORE so many times around the world in various industries.
Gartner recommendations and key challenges.
Let’s first dive in the key challenges. The key challenges point is treating all all the risks in a unified way. This can only be performed using a right metric while removing the barriers between different information silos. Indeed we cannot, for example, treat IT risk separately if we want to have a comprehensive risk approach to business decisions.
The ORE platform allows integration and convergence in risk assessments, thus efficiently solving these challenges.
As for the recommendations, we totally agree that an effective framework is usually unique to your organization’s risk profile. That is because each organization is unique and demands unique deployments. That leads to understand how risks affect operations in an integrated or even convergent way, using ORE. ORE foresees a continuous updating loop to feed the risk portfolio with new hazards and organization’s goals.
This is great. However as the devil lies in the details, as I have seen so many times while deploying ORE. Gartner’s Top 10 Factors for Integrated Risk Management Success are sound concepts that have proven correct in Riskope’s practice of actual deployment. The challenge is to go from concepts to practice. Riskope has done precisely that over the last twenty years.
Riskope have pointed out so many times one very important truth: without properly defined terms all those ideas and concepts will remain nice, but fuzzy, narratives and any implementation will not be efficient. Furthermore ill defined glossary will fail in bringing answers to the challenges managers and decision-makers have. Without proper risk related glossary even a powerful and robust platform as ORE will not perform to its best.
Gartner’s Top 10 Factors for Integrated Risk Management Success key words
In their discussion Gartner use a number of keywords among which:
- Strategic risks ,
- Operational risks and finally
- IT risks
I really tried to look at their definitions, but could not find any. Once again, like in the London conference, definitions of keywords are left to the interpretation of the readers. At Riskope we have found ways to define in a clear and repeatable way what operational/tactical and strategic risk actually mean in respect to strategic tactical and operational planning. Gartner’s Top 10 Factors for Integrated Risk Management Success also seem to be looking at the strategic risks vs. operational risks in a siloed and “arbitrary” manner. That is opposed to having the framework actually delivering, as a result. which risk are operational and which ones are strategic. I will not even talk about IT risks which are not necessarily risks per se, but risks that will affect operations. “Siloing” them up is a very hazardous way of dealing with them.
I am delighted to see Gartner propose concepts and ideas with the goal of enhancing risk frameworks. However without properly defined terms this endeavour is inefficient and will likely fail.
Over the years Riskope have seen so many clients calling-in to get support in turning useless or misleading risk assessment into usable, robust decision-making tool.
Call me to discuss how you can reap the benefits of integrated, convergent, scalable and drillable risk assessments. They will support your endeavors and allow you to boldly go where your competitors do not dare to go.
Tagged with: Gartner, Gartner Customer Experience Management Maturity Model, Integrated Risk Management Success, IT risks, Operational risks and, Strategic risks
Category: Consequences, Optimum Risk Estimates, Risk analysis, Risk management