Posts Tagged ‘risk management’

The second survey of Board Directors was just issued. The survey is conducted by Eisner Amper, audit, tax and business advisory professionals. They used their database and NACD’s Directorship magazine’s subscriber list of corporate directors. The survey reports on the opinions of 142 directors representing publicly and privately-held companies. 

One of the questions they asked was which risks are most important to their boards, that is, besides financial risk (which probably begs a 100% answer!).  The chart is below. At the top of the list is reputational risk — 69% said this is most important today. Reputational risk surpasses regulatory compliance risk (61%), CEO succession (55%) and IT risk (51%). I would posit that if this survey was done in the past few weeks, IT risk might have jumped up higher as a factor of major concern. The hacking and hobbling of computer networks at Boeing, Sony and the White House gmail accounts have had to certainly affect risk management concerns at board level.  With regard to security risks, Eisner Amper wisely says: “The tools of today’s business heavily revolve around information technology, the Internet, the speed and degree of data transmission, and the pervasiveness of social media.” And everything that affects business affects reputation.

Another question they asked which I like was where board directors go to for new information. In the 2011 survey, the leading sources were company management, publications, Internet, accounting/advisory firms and conferences (at 33%).  I liked seeing the importance of conferences among the other sources because I firmly believe that getting out of the office and listening to other points of views provide opportunities for thinking beyond the same old ways about the same old problems.  I wish I did more of this myself.  We all need to close the door on our silos. For board members, this is a good sources considering how the problems they face have to be on high boil these days.

At the end of their executive summary, Eiser Amper concludes:

“Protect. Protect. Protect. Reputational risk needs constant monitoring and analysis of the broader issues…Brand, company and personal reputation can change overnight. The speed of today’s business was unimagineable in years past, but its impact is real and protection is the name of the game.”

Korn/Ferry just released some new research among executives and board members worldwide. Risk management is clearly a topic du jour among the executive class. The survey found that nearly six in 10 (57%) are spending more time and attention on risk management. In light of the rolling crises that seem to be playing out in the media over the past eight months, it pays to be prepared and know what’s on the horizon. In our business at Weber Shandwick, crisis response and crisis preparedness seems to be on the upswing, thereby highlighting top execs’ concern over being in the “hot seat.”

Two findings stood out. First, a full 59% said that the recent scrutiny on reputation risk has had a good effect on how Boards perceive the need for crisis preparedness and reputation management. Steve Mader at K/F says that the survey “shows the majority of companies have already taken practical steps to enhance their risk management practices and awareness.” I agree.

Secondly, as you have heard me say and post, the CEO is the guardian of the company’s reputation which includes such components as people, products/services, responsibility, financial performance, leadership and “values” or “ethics.” K/F asked these executives who at the company has direct responsibility for risk management and the lead candidate was the CEO at 43%. Next to the CEO came the COO at 19%. CEOs continue to get all the blame for ethical or reputational transgressions and all the credit when things go right. That’s the deal.

I have posted about scenario planning before and wrote about it in my last book as well.  Scenario planning is a good way to plot what your leadership might do when their reputation falls off a cliff. I have always been fascinated by the process, especially when it works.  In fact, I have a recent Royal Dutch Shell Scenario Planning book that I bought from Amazon about three years ago. I keep it out on my desk as a reminder of a smart way to plan. It was amazing to me that it sold commercially.
Today’s WSJ had an article on the return of scenario planning. It was very popular after 9-11 when companies felt the urgent need to prepare for such sudden disasters. Apparently it lost some favor as the economy became bullish and everyone lost their senses. A study by Bain & Co. which I have used in presentations showed that  scenario planning had soared from 1999 to 2002 as a risk management tool (up 30%) among senior executives.  Now it is back on the upswing as we face unprecedented economic challenges.

I did not realize that scenario planning first surfaced in the US Military in the 1950s and became popular with companies such as GE and Shell in the 1970s. My mistake for believing that Royal Dutch Shell was the source.

Peter Schwartz, a partner at the Monitor Group and former head of the Global Business Network where I first learned about him, says that scenario planning is a learning tool and for making informed decisions. Not just a tool for the worst case scenario but a process for learning how to make the right and avoid the wrong decisions. The article ends on an upbeat note – that perhaps scenario planning can be used to plot possible responses to a business upturn.

Same could be said about reputation recovery. Time to start. Never too early. Only too late.

  There is a new officer title emerging that includes reputation as one of its responsibilities. I learned about this in an article on CSOonline.  The new (and not so new) title is Chief Security Officer and although it is still about business continuity and enterprise risk, it is quickly evolving to include brand protection and reputation security. We just have to be reminded of the Dominos incident to realize how important brand protection and integrity is nowadays. In addition, just think about what happens to your reputation when email scams, copyright infringement, phishing, brand high jacking, etc., accelerating even more.  As the head of global security at Caterpillar rightfully said: “With the proliferation of social interaction tools any company’s brand could be put under attack for a multitude of reasons. We all have to be very, very astute about watching for those emerging risks and to be able to deal with them.” 

The need for CSOs is all the more urgent. Our research among executives around the world about online reputation management found that confidential document leaks and negative employee chatter are keeping leaders up at night. [I read today that the federal deficit is keeping Obama up at night these days. High on his risk agenda I presume.] Companies need to do much more to protect their reputational integrity as well as that of their employees, partners, and supply chains.

Aon annually reports on global risks facing industries and is cited in the CSO article. Reputation damage is among the top 10 greatest risks that executives are concerned about. The survey was taken last fall when the economic news was fairly catastrophic and the U.S. presidential election was close. Therefore not surprising how high the first three risks are below.

The Top Ten Risks Around the World
1. Economic slowdown
2. Regulatory/legislative changes
3. Business interruption
4. Increasing competition
5. Commodity price risk
6. Damage to reputation
7. Cash flow/liquidity risk
8. Distribution or supply chain failure
9. Third-party liability
10. Failure to attract or retain top talent

Maybe we just need more CROs…chief reputation officers to combat this increasingly menacing reputation infection.

The Conference Board Reputation Risk Research Working Group issued a new report on Reputation Risk. They concluded from the working group and a survey among 148 large company risk management executives that risk management needs to be better integrated into the enterprise risk management (ERM) function. Only about one-half (49%) highly integrate the two.  The report provides insights into how some companies are measuring reputation risk and new tools that deliver on this need. Reputation Institute and Evolve24 are both cited. One of the findings that parallels ours is that social media is gaining traction in the corner suite but many executives are overlooking its risks.  According to the Conference Board report, only 34% of respondents stated that they extensively monitor social networking sites and an even fewer 10% actively participate. As I have said, the good news is that executives are no longer asking their assistants to print out their emails to read but they still have far to go in terms of understanding the new media and making it work for their companies in identifying opportunity and yes, early warning signs.