Joanna Makomaski

Joanna Makomaski is a specialist in innovative enterprise risk management methods and implementation techniques. She can be reached at [email protected]

Column: Risk Management

The Price of Safety

By: | May 24, 2016 • 2 min read
Joanna Makomaski is a specialist in innovative enterprise risk management methods and implementation techniques. She can be reached at [email protected]

I was rushing to a meeting in downtown Toronto this week. I saw a streetcar coming my way and I jumped on to make better time.

Advertisement




In truth, I don’t often take public transit and had no idea what the fare was. I asked the driver, paid and then sat right up-front near him. We struck up a conversation — he was a chatty driver, which worked well because I’m a chatty passenger.

I observed his driver’s area. He was surrounded by several communication systems, mirrors and payment systems — a modern contactless smart card fare payment system and an old-fashioned cash box.

I asked him if he felt safe driving around with the cash box on board with him. I struck a nerve. I opened his Pandora’s box. The driver proceeded to tell me that for years he sat on the transit company’s health and safety committee, he felt that management didn’t seem to listen or care, or were apprehensive about spending money on safety issues.

Then he said it, the phrase that inspired this column. The phrase that I so often hear with so many of my clients, the phrase that makes me wince when I hear it:

“There is no price to safety.”

As unpopular as this may sound, I strongly disagree. There most definitely is a price to safety.

I felt badly that I agitated the driver and that he genuinely felt betrayed by management. I felt obliged to shed light on another perspective to hopefully alleviate some of his frustration and anxiety.

“If we truly want to show deep concern for employee well-being, let’s understand our most dangerous risks, mitigate them wisely, and then communicate the residual risk properly to our employees.”

I reaffirmed to him that life safety is indeed very precious. I stressed that it is impossible to make safety absolute and that it is bad business to do so. He didn’t like that.

I asked him: “What is the safest vehicle that exists on the planet? The presidential limousine, the Beast? Tank? Hummer? Volvo? Acura?”  He nodded in agreement. “What car do you drive at home, sir?” He answered: “A Chevy. I can’t afford those.”

“So clearly there is a price tag on safety. It is no different with businesses. They cannot spend unlimited funds to achieve the highest degrees of safety. They too can’t afford it.”

He turned in his chair. “Wow. You got me. Never thought of it that way.”

Employees do listen. But are they challenged by what they feel may be an apathetic or hypocritical management team? Is management possibly confusing their safety message? Negatively impacting their safety culture by not being straightforward?

A safety culture is driven by values, behaviors, health and safety investments, and goals. But all too often I see publicized safety mantras, key risk indicators, or performance measures that are linked to zero failures, injuries and risk. As catchy as a zero tolerance statement might sound, beyond the basic statement lies a plethora of legal issues and cultural misperceptions.

Advertisement




To achieve zero risk there has to be a plan for infinite investment in managing that risk. We all know that is impossible. So please let’s not tout it anymore, especially when it comes to life safety.

If we truly want to show deep concern for employee well-being, let’s understand our most dangerous risks, mitigate them wisely, and then communicate the residual risk properly to our employees.

The evidence is clear that safety is good business as long as we spend sensibly on safety management and we are straight up with our employees. They will understand. &

Share this article:

Column: Risk Management

Hunger for Risk

By: | April 28, 2016 • 2 min read
Joanna Makomaski is a specialist in innovative enterprise risk management methods and implementation techniques. She can be reached at [email protected]

We see them everywhere in our risk management world — the terms of art — “risk appetite and tolerance.” We are also seeing heightening obligations set by regulators and rating agencies guiding organizations to articulate their appetite for risk and tolerance of risk.

Research commissioned by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) urges an organization to “consider its risk appetite at the same time it decides which goals or operational tactics to pursue. To determine risk appetite, management, with board review and concurrence, should take three steps:

  • Develop risk appetite.
  • Communicate risk appetite.
  • Monitor and update risk appetite.

Three easy steps — but are they really? Things would be a lot easier if we could agree on what exactly “risk appetite and tolerance” means.

To express risk appetite, one has to truly understand strategic risks and create rules around which risks should be taken in order to achieve objectives.

Sometimes we can get overzealous with our risk taking, so it is prudent to give yourself a realistic cushion and set triggers to alert you when you are nearing unwanted risk thresholds.

To express risk appetite, one has to truly understand strategic risks and create rules around which risks should be taken in order to achieve objectives.

I call this zone “risk tolerance” — the level of excess risk you can take for a while before getting back to your normal risk-taking habits.

Advertisement




The subprime mortgage debacle that led to the latest financial crisis is a case in point.

In a market of ever-increasing house prices, it was tempting to grow mortgage revenue by relaxing underwriting criteria. If borrowers defaulted, the logic was, lenders could seize and resell the house. The problem was no one was accounting for total risk on the table and early warning signals went unheeded.

Relating your risk appetite and tolerance is akin to describing your consumption habits for risk. Risk appetite is about taking in healthy risk, not avoiding it. Not taking in risk when you need to could leave your organization unsatiated and unhealthy.

Consider Research in Motion (RIM), makers of the BlackBerry. According to the “Wall Street Journal,” RIM’s chiefs dismissed the iPhone after it was unveiled in 2007.

“It wasn’t a threat to RIM’s core business,” said the company founder’s top lieutenant, Larry Conlee.

“It wasn’t secure. It had rapid battery drain and a lousy [digital] keyboard.”

Clearly, the company was overlooking an important strategic risk.

COSO offered three easy steps for defining risk appetite and tolerance. Allow me to now offer mine.

Decide which risks you will eat and make sure they are good for you and not junk. Eat just enough to satisfy hunger for strategy achievement.

And make sure you continually measure your strategic objectives to ensure you are staying within bounds of your corporate stomach.

Share this article:

Column: Risk Management

ERM Kick-Start

By: | April 4, 2016 • 2 min read
Joanna Makomaski is a specialist in innovative enterprise risk management methods and implementation techniques. She can be reached at [email protected]

Living through many Canadian winters has allowed me to witness this very scene: Exasperated drivers stuck in the snow.

Tires whirl. They spin at high speeds, neither advancing nor falling back. How disheartening.

All too often I see this very problem with persons charged with implementing enterprise risk management (ERM) programs. I sense their frustration around the perceived futility of their efforts and lack of traction of ERM within the organization.

I hear comments such as: “I work really hard but no one seems to really care about ERM,” or “I can’t get any attention or resources to support my efforts.”

Stakeholders such as a CFOs and CEOs often have different agendas, needs, and expectations of ERM and risk assessment efforts. Do they understand they will be involved in the ERM effort and to what degree?

These individuals toil for months, even years, only to watch their ERM efforts get de-scheduled from the corporate agenda, rerouted to another division, outsourced or eliminated altogether.

Is there a solution? I believe so. Over the years, I have been using a system that I call: “ERM kick-start.” The genius of the ERM kick-start method is that it encourages you to do less, not more, to get further.

Similar to freeing your car from the snow — you should treat the gas pedal gently, make small motions, rock back and forth until you gain some traction and only then will you find yourself move forward.

The idea holds true with the ERM kick-start method. For those individuals who suffered less than successful attempts at ERM implementation, the first step to the ERM kick-start method involves taking a solid look at the journey already taken to date.

First, I’d verify if an ERM needs assessment was conducted. Were key stakeholders consulted on what they need and how they will benefit from the ERM program?

Advertisement




Stakeholders such as a CFOs and CEOs often have different agendas, needs, and expectations of ERM and risk assessment efforts. Do they understand they will be involved in the ERM effort and to what degree?

It is also critical to discuss the proposed currency expected for risk measurement with all stakeholders. Will risk assessment results be expressed in dollars, relative scores or qualitative descriptions?

Who will be looking at or using the risk evaluations results? When? Why? How often?

What is the planned protocol to validate, document, circulate and protect risk information? Where will the risk arbitrator sit? In other words, who will have final say as to whether a risk is a risk to the organization? How will risk efforts and response planning be widely communicated?

It is also critical to discuss the proposed currency expected for risk measurement with all stakeholders. Will risk assessment results be expressed in dollars, relative scores or qualitative descriptions?

ERM kick-start requires this kind of information to help shape a realistic ERM vision for the organization.

Traction is best gained by delivering on small chunks of your pre-agreed-to plan. Letting everyone know what you will deliver on, and showing progress will gain you support.

Deliver in smaller chunks and kick-start your ERM vision. &

Share this article: