“Good risk management allows us to take risks we wouldn’t normally do,” said Brenda Boultwood , Senior Vice President of GRC Solutions at MetricStream. (GRC is the acronym for governance, risk management and compliance.) She was the second of two panellists at the webinar titled Explore Your Opportunity Landscape by Harnessing Your Risks, sponsored by the Global Association of Risk Professionals on November 18, 2015.
A company needs superior risk intelligence in order to understand the risks they plan to harness. Technology can be leveraged to capitalize on certain risks, Boultwood said. “We can act as the key enabler to a foundation of good strategic planning,” she said, referring to technology solutions providers.
There are three timelines to look at in risk management: “Current risks, emerging risks, and strategic risks.” The latter include “technological change, customer behavior, government regulation, and several foundational assumptions.”
“Risk intelligence is critical to harnessing the risks, to explore new opportunities,” she said. Wise use of technology can reduce the manual manipulation and can enable the workflow. For example, a risk manager not only verifies input, but can run checks and approve the data. Thus, good technology “provides a foundation for data quality.”
Over 80 percent of data in the firm is unstructured—such as e-mails and news sources, said Boultwood. There are challenges to maintain top quality standards for risk data. “It’s a highly dynamic environment.”
Boultwood touched on the recent scandal at Volkswagen. “It’s important to unite multiple perspectives on risk assessment,” she said. By getting communication between silos, the executives at Volkswagen could have discovered that they were giving impossible, conflicting, objectives.
In this era of big data, information overload is a danger. Can we support a robust risk culture? Compliance needs to do its “dental visits” while Enterprise Risk Management (ERM) tries to build its decision-making apparatus to engage in strategically profitable areas. A degree of consensus must exist across the board. We must also include the millennial generation in heightening a firm’s risk awareness, she said.
It’s vital to have transparency around actions and accountability through the business. For this reason, GRC practices help a company meet multiple objectives.
Boultwood described issues and actions. Risk toolkits include key risk indicators and key performance indicators. “We want to create a virtuous circle, from the Board of Directors, on down to the business units.”
A comprehensive risk solution will comprise advanced analytics, effective monitoring and communication. “Don’t just use point estimates,” she said: comparisons and trends give a fuller picture.ª
Disclaimer: TextMedic completes occasional contract work for MetricStream.