Skip to main content

SRM: Strategic Risk Management



 What is SRM / Strategic Risk Management?

Strategic risk management (SRM) is best described as the process of identifying, assessing, and managing any risk that affects organization's strategy, strategic objectives, and strategy execution. Does your organization have a such process? If you answered yes!, great. Your organization is ahead of many by having a strategic risk management. That’s great! Because that means you have overcome the challenges I talk about in my 5-part video series on Linking ERM to Strategy.


The best and simplest way to describe the strategic risk management process is to say that it requires managing key input variables (internal and external environments) and key output factors (mission, objectives, strategy, and policies).


These factors influence how strategy formulation, implementation, and evaluation and control are related, and how a change in any one factor (e.g., corporate objectives) affects other factors (e.g., strategies, policies, programs, budgets, procedures, evaluation and control techniques).


If you have a good strategic risk management processes, are you wondering how the strategic plan can be integrated with organization's operational risk management (ORM)? Linking SRM with ORM can create significant difference in your organization's ability to achieve its strategic objectives. Incorporating the insights from the strategic risk management activities through the process of risk identification, and addressing them as part of the business plans will ensure your success.


SRM also delves into ORM by promoting activities that reduce some of the identified strategic risks. Those activities will hopefully become a part of their regular operations and processes. We help organizations in creating SRM Action Plan that not only integrates with their ORM but also results in effective control mechanism to sustain future gains.





If your ERM program is stuck in neutral and needs a boost to get moving again, contact me to discuss how you can get a tailored action plan to achieve your ERM goals.


Do you want to help ensure your organization achieves its strategic objectives but are unsure how to proceed?   Are you struggling to get your risk management initiative off the ground or back on track? Contact me to discuss your program today for more insights into ERM.

 

Comments

Popular posts from this blog

How to benefit from a Fishbone or Ishikawa Diagram for Root Cause Analysis

What is root cause analysis?Root cause analysis is a structured process that helps healthcare, manufacturing and service sector managers and leaders in identifying contributing factors or causes of an accident, error, problem, event or occurrence. An accident, error, problem, event or occurrence are usually a result of a system rather than an individual mistakes. Understanding the system itself and contributing factors or causes of a system failure can help in preventing recurrences. Actions that are taken to address system failure helps in sustaining the improvements or corrective actions. What is a fishbone or ishikawa diagram? Each and every outcome or effect is an end result of actions taken/omitted or in general causes/ A cause and effect diagram representing this relationship between cause and effect is called a called a fishbone or ishikawa diagram. A fishbone diagram is a visual way to represent cause and effect. It is a more structured approach for brainstorming causes of a pro…

Operational Risk Management and Compliance Management in Emergency Department

Client Question Hi,
We recently underwent an Accreditation Canada visit and were cited for not using 2 patient identifiers. The nurse picked up the patient in the ED and she was familiar with the patient and neglected to check her name and DOB. Patient identifiers is something that we have been struggling with for the past two accreditations. We thought we had it all well in hand but it only takes one incident to get cited on failing the ROP. Does anyone have a process or audit tools that are used routinely to audit staff using 2 patient identifiers? Any help would be greatly appreciated. Thank you 
Response
In order to comply with the required organizational practices (ROPs), we first need to have a closer look at it. ROPs in this case are the standards that the organization is being held against and must meet. So lets understand what does the ROP actually require. Following is a statement from one of the ROPs that relate to the question at hand. On an average Accreditation Canada ha…
Risk Assessment is a process that provides the required information to decision makers on the uncertainties in relation to specific goals or objectives. Conducting risk assessments helps organizations in managing uncertainties. Typically risk assessment process consists of two key tasks. First, to identify risks and second, to analyze the identified risks.

The effect of risk can be either positive or negative. The negative effect comes from not meeting goals or objectives. The positive effect comes from meeting or exceeding set goals.

Key goal of risk assessment is to inform management at all levels of the risks faced by the organization and how those risks affect the organization's ability to meet objectives, as well as to identify potential risk treatment options.

When assessing risks, the risk manager should be mindful of overall risk appetite and risk tolerance.

Risk Appetite is defined as the total exposed amount that an organization wishes to undertake on the basis of risk-…