Why De-RISK risk management?

What is risk management?

Risk can mean different things in different contexts: in banking and insurance, risk management tends to be a purely financial process for exposing and measuring financial exposure; to the manager of a nuclear power plant, risk management is about avoiding physical disaster; to the manager of a change project, it’s making sure that delivery is on time, within budget and ensuring that the project meets its stated objectives. In every case, risk is inevitable.

Why do you need risk management?

Whatever the context, risk management is essential, especially in a global, competitive marketplace where business processes are increasingly complex and transparent.

Essentially, increased complexity = increased risk.

If the risks inherent in business processes and business strategies aren’t captured, analysed and managed, organisations will operate at sub-optimal levels. When this happens, and risks become full-grown problems (or “Issues”), this costs an organisation time, money, reputation and jobs. Many organisations approach risk management on an informal, ad-hoc basis which is ineffective in complex business scenarios. This is why a formal risk management process is essential.


Think about an experienced mountaineer. Mountaineers know how to manage risk. They don’t climb beyond their abilities without taking all the necessary safety measures and precautions; e.g. the correct equipment, and sometimes a qualified guide. So why do businesses often try to undertake new ventures, using new technology, on a scale never attempted before without the right equipment – or a guide?

Risk is inherent in every business venture, but it is inevitably higher when you are pushing the limits. Risk is also entrepreneurial – if you don’t take risks you won’t reap rewards. However, if you do not manage those same risks effectively, the rewards will not materialise. Success comes through de-risking your ventures in a pro-active, ongoing way.

Put simply, any good risk taker also needs to be a good risk manager.


 The problems with “traditional risk management

These days, most organisations’ will have some form of “formal” risk management process. A traditional risk management framework will normally involve:

  • Identifying the risks to your strategy/programme/operations
  • Analysing the impact and probability of these risks.
  • Prioritising risks, from highest to lowest risk exposure.
  • Risk management planning & setting objectives.
  • Risk monitoring – deciding on the governance of these risks i.e. how risk management will be monitored by management and major stakeholders.

However, traditional risk management frameworks can often fall short or fail, for a number of reasons.

Risk is inevitably seen as negative concept

Many people are turned off by talking about negative things. Organisations naturally want to discuss positive things like objectives, plans, strategy etc

Issue management, not risk management

The general tendency to focus on today’s “issues” rather than tomorrow’s risks. This can result in reactive issue management, rather than pro-active risk management – effectively dealing with risks after they have happened.

Risk statements are too generic

Risk statements are captured which are too generic to communicate the real concerns and offer little insight to guide risk action planning. This furthers the perception that the risk process is not adding value. At the opposite end of the scale, some risk statements may resemble essays and therefore never get read by busy managers.

Risk actions are insufficiently proactive

Risk actions are often limited to what is already planned rather than what needs to be done in addition to this to address the root-cause of the risk. Risk actions are often generic and not broken down to specific tasks and therefore don’t get followed through. Essentially the risk management has no effect and is seen as an administrative overhead ie documenting what has been done rather than leading management action.


Complex businesses are inherently inefficient


  • Less than 20% of all significant projects meet their original timescales, budget and/or objectives.
  • Millions of pounds are lost through inefficient business processes that are easily fixable if you know where to look
  • Companies are literally going out of business as they watch their strategy crumble before their eyes as markets shift direction

For example, take a project of 30 people with an average daily resource cost of $400. For every day that project is delayed the budget will take a hit of $12,000. For every week of delay the cost goes up to $60,000 and a month will cost an extra $240,000.This does not take account of lost benefits, customer dissatisfaction and loss of reputation which may cost future business, and projects of this size are often many months late.

All of the above is avoidable for an investment of just a tiny fraction of their potential impact.




Why you need De-RISK

Our approach

De-RISK is an organisation set up to de-risk your business – your programmes and projects; your operations; your strategy and even your total enterprise.

To do this we use our bespoke ABCD (Assumption Based Communication Dynamics) methodology, a fully scalable approach to de-risking your organisation which focuses on positive assumptions, and measures their inherent risk. Our ABCD approach is scalable for all aspects of risk management:

Programme risk management – identifying the risks preventing a project or programme being delivered on time and within budget.

Operational risk management – identifying where supply chains and business processes are weak and inefficient.

Strategic Risk Management – identifying risks to your business strategy, and helping to re-align your business’s strategic goals to ensure success in an ever-changing market-place.

Enterprise risk management – capturing overall risk to a business or enterprise.


Delivering on clear objectives 

We will work with you to agree on a clear set of objectives and if we don’t deliver you pay nothing. These are some of the most common ways that we can help to de-risk your business.

  • Identifying critical risks that have not been identified.
  • Creating an effective risk management process.
  • Stopping the business from committing to unachievable objectives
  • Ensuring that an organisation’s strategy is sound in the current business environment.
  • Helping to design, train and coach the competencies for future risk management.

Clearly, we cannot guarantee that you meet all your business objectives – too many factors will be outside our control. But we can ensure that you are in the best possible position to either follow through and manage the risks or change the objectives to something that is achievable.

For example, a cost or timescale Strategic Target Analysis could be completed in as little as 2-3 days. Our mission is to add the maximum amount of value in the shortest time frame, transfer the essential knowledge and capabilities to your people. However, we are always available for ongoing coaching and support – both face-to-face and online.

Our experience

At De-RISK, we have a team with extensive experience in the following:

  • Large-scale change programmes (including complex IT and infrastructure projects)
  • Business Risk Management
  • Merger integration
  • Strategy development and stress testing
  • Executive coaching
  • Team building and conflict resolution

We operate to the highest Government and Board levels across virtually all industries and on a Global basis.

Some of our recent clients include:

PA Consulting
Salam Technology (Qatar)
HP Enterprise
Network Rail
Louis Berger (Qatar)
ADNIP (Abu Dhabi)
ILRI (Kenya and Ethiopia)
Oxfam UK
British Nuclear Fuels
HM Treasury
Dept for Work and Pensions
Ministry of Defence

Be sure to take a look at some of our case studies to see the level of positive impact risk management can have.

Would you like to know more about risk management?

We are confident that just an initial call will provide enough information to create a new outlook regarding the impact of risk management on your business.