Using the Kaizen approach to Risk Management by the Audit Committee (chapter 1 of 5)
The word Kaizen (改善), is Japanese for improvement. Some believe that it means change (for the better). In any case it refers to the philosophy or practices that focus on continuous improvement of processes, be it in manufacturing, engineering, business or risk management.
Kaizen has been applied in healthcare, psychotherapy, life-coaching, government, banking, and many other industries. When used in the risk management perspective, the word refers to the activities that continually improve all functions, and involves all employees from the CEO to the assembly line workers, applies to cross organizational processes including purchasing and logistics and supply chain.
In this article we focus on The Kaizen Risk management approach to improve, standardize, activities and processes, to eliminate duplication of efforts.
Risk management is an important element in any Audit Committee agenda. The benefits of effective risk management are huge because the exercise gives the audit committee the opportunity to determine and quantify the impact and seize the opportunities that occur due to faulty monitoring, processes and controls. Furthermore the Kaizen approach to Risk management will probably ensure that the committee is not constantly entering a "fire fighting" mode that needs to repair the failures that could have been prevented in the first place.
Risk Management is part and parcel of all processes, procedures and strategies
The first rule is to embed risk management in your processes, procedures and strategies. Every second year start a project with a catchy name and reap the benefits of employee involvement. This approach can always start with the training in risk management.
Analyses of the current risks
Understanding the current nature of a risk is a precondition for a determining your risk appetite and providing a risk response. Therefore take the time, resources and expertise to have a closer look at individual risks and understand what a risk management means to the various department heads and divisions.
Start with a small workshop to determine and analysis the different levels of risk.
- List the different causes and the circumstances that decrease or increase the likelihood of risks.
- List the different causes and the circumstances to understand a risk at an individual level
- List the different causes and effect that can make risks to occur
- Describe the effects take place immediately after a risk occurs
- Describe the effects of a risk that happen as a result of the primary effects or because time elapses.
The above answers will provide a detailed analysis and perhaps reveal the order and magnitude of the risks. The results can then be enlarged to include the effect in certain categories like costs, lead time or product quality etc.
After the results of the first exercise are examined, communicated and acted upon, embark on part II of the workshop from a different angle. Use the results of the first exercise to:
- List the different causes and the circumstances that focus on the processes or events that precede a risk occurrence,
- List the different causes and the circumstances that focus on the processes or events that precede a cause of the risk.
The information you gather in the above 2 workshops will provide valuable insights to determine the risk appetite, effective responses to optimize the management of risks with focus on Risk identification:
Identify the risks that are present in your processes and divisions considering a series of future scenarios. Scenario planning is a separate discipline that requires a different type of attention.
Combine a number of different identification methods and you have enough time left for the unexpected risks that take place by considering the various scenarios.
To get the most out of your scenario planning activities we can suggest a couple of CBS trained experts, because organizations are better at organizing business activities rather than prediction. Creating the right scenario-through careful design- cannot prepare for specific events, but rather for the small number of effects that can be triggered.
Get started with strategic scenario planning as an annual Audit Committee exercise. Send us an email with a couple of issues on scenario planning and we will connect you with the right expert without any obligation or cost.
In the next newsletter we continue the Kaizen approach to Risk Management by the Audit Committee with focus on communicating the risks, focus on positive risks considering both threats and opportunities, and clarifying risk ownership issues.