Riskope’s Methodology: ORE (Optimum Risk Estimates)
At Riskope we understand that each industry and company is unique — with peculiar operating environments and system intricacies. That’s why, we created the ORE methodology and we custom tailor each ORE deployment to address our clients’ specific needs. ORE is NOT a programmable commercial platform such as Archer, Audit Board, or Isometrix. ORE is a methodology which allows for detailed, quantitative approaches that also enhances the visibility of systemic risks, interdependent exposures, and emerging issues.
ORE deployments are swift and the global related investment needed is a fraction of that of programmable commercial platforms. Updates are performed as needed and requested. Furthermore the attentive eye of Riskope experts helps ensure biases and conflicting interests are checked.
Why did Riskope develop ORE and use it for Risk Informed Decision Making?The backside of increasing efficiency and creating interconnected systems to foster productivity is a reduction of resilience and a proneness to systemic risks. For example hazards deriving from:
- climate change,
- financial crises and finally
- disinformation campaigns
can indeed create systemic shocks. It appears these are becoming more common and intense. Also, they are propagating further due to cascading probabilities and amplification of consequences.
Riskope believe that resilient behavior and sensible convergent quantitative risk can foster corporate and governmental leadership as well as competitive advantage.
The overarching principles Riskope follow to develop their actions are the following:
- If one designs a system to withstand all the credible worst-case accidents, the system is NOT “by definition” safe against any credible accident. By believing it to be so, one may expose the system, the environment and the public to unwanted dangers.
- There are no risk-free alternatives in any industry or endeavor. One needs to transparently evaluate the risks linked to any new solution or mitigation alternative including possible change in the systems. That is especially true in the current conditions of rapid geo- and socio-sphere changes. We have seen some projects inadvertently taking risks because of the implementation of new, “safer” solutions that seemed to constitute a universal panacea. Caution has to be exerted and the risk profiles of all alternatives have to be presented so that the decisions are as risk informed as possible.
- In our present world, clogged with codes and rules, it is not advisable to design any system with the aim of merely passing compliance tests “silo by silo”. Riskope advice is to always think in term of durability and sustainability, thus maximizing value creation and long-term profits.
- Probabilities change as the considered system evolves and they require updates. Frequencies, linked to long-term averages of occurrences, also vary but are slower to change. In heavy industrial applications one may well consider a horizon of two to five years and assume probabilities will remain fresh that long, but we need to keep an eye on this and perform updates as soon as needed, especially if divergence is likely.
What benefits should a modern risk approach bring to decision-makers?
A modern, convergent quantitative risk assessment should empower decision makers with answers to questions about different aspects of the risks. For instance, which risks are tolerable, intolerable but manageable, and finally intolerable and unmanageable. Defining tolerance thresholds makes it possible to provide a transparent definition of what constitutes a manageable risk. For example, if a risk above tolerance can be brought below the selected tolerance threshold before hitting the credibility limit, then that risk is manageable. There are various ways to preserve the economic livelihood of a company by mitigating its risks or transferring them.
The roadmap for mitigating an operation’s risks, expressed as relative value of the intolerable risks, helps maximize the time and resources of managers. Indeed it focuses on the most important issues and not necessarily on immediate issues. That is the ultimate goal of Risk Informed Decision Making (RIDM).
Risk Informed Decision Making is necessary to perform tactical and strategic planning based on:
- updatable and finally
statements and reports.
A systematic approach to Risk informed tactical and strategic planning
Especially when various layers of uncertainties surround alternatives, projects, operations, Risk Informed Decision Making is paramount. That’s because decision-makers need to understand the:
- assumptions made allowing to discuss and audit the evaluations,
- uncertainties surrounding the decision,
- probabilistic future behavior (evolution),
- benefits of updating risk information during the life cycle of the system and finally the
- benefits of a scalable (from “high level” to detailed operational, no information wasted) risk analysis system.
As a result, the ORE (Optimum Risk Estimates, ©Oboni Riskope Associates Inc.) approach needs to cover:
- physical losses (human and assets),
- business interruption (BI),
- environmental damages and, finally
- reputational damages and crisis potential.
Indeed, leading companies are turning to quantitative convergent, scalable enterprise risk management (ERM) methods in order to understand the consequences of potential business risks. That is because these approaches allow them to make informed decisions about how to prevent, manage, and mitigate impacts.
As an independent firm, Riskope deliver an impartial, third party evaluation of risks through a quantitative convergent, scalable enterprise risk management (ERM) method called ORE (Optimum Risk Estimates ©Oboni Riskope Associates Inc.). Our knowledgeable, senior professionals are fully engaged in all aspects of each project to provide clients with tailored attention, not pre-packaged studies.
ORE dashboards allow to understand:
- what are the most critical sources of threats to the company,
- which products and which hazardous sectors generate the largest potential losses. We split losses by type: physical, BI, environmental, etc., as needed. We look, for example, where the highest logistic risks are and, finally, to
- the distribution of media vulnerabilities within several divisions (projects, alternatives, operations, etc.) of a same company.
ORE applications are custom tailored to the specific needs of each client. Examples include:
ORE applications seamlessly integrate with the ORE-ERM framework and include specific algorithms for the evaluation of events’ probabilities and multi-dimensional consequences, risk tolerance and special aggregation of risks. ORE applications and ORE-ERM solve important questions that will save you and your company aggravation, scrutiny and pain.
Foster your company climate change adaptation, resilience, reduce cyber vulnerabilities through tactical and strategic risk informed planning. Contact us to learn more.