Risk management for 2010

Peter Power, UK-based managing director of Visor Consultants and a specialist on scenario-based risk, crisis and Business Continuity for major corporations and governments around the world, arrives in South Africa this weekend as one of the keynote speakers at the annual Institute of Risk Management South Africa (IRMSA) conference.

Powers experience in evaluating and providing contingencies for anticipating risks associated with large scale projects, will be particularly relevant as South Africa gears up with its preparations for the 2010 Soccer World Cup.

"Evaluating risks and threats and coordinating our response has become an extension of sound Corporate Governance and Duty of Care, especially with a project as important as the 2010 World Cup," says Power.

Power, who is also the strategic partner for global risk and insurance brokerage, Aon Corporation, leading up to, and including World Cup 2010, says an incredible number of companies and individuals will be involved in the 2010 World Cup and other events during this period. Determining and managing the supply chain risk will be key for both the success of the event, and for every participating enterprise.

To prepare properly for 2010, South Africa has to convert the analyses of risks into something that is actually deliverable and operational. South Africa has a real opportunity with the 2010 World Cup to join up the dots and learn new ideas and methods of risk evaluation in the knowledge that in four years time the results will be on the world stage.

Power does however, caution that South African organisations could by comparison to other countries, be as much as five to 10 years behind in their Business Continuity planning and with the 2010 World Cup just around the corner, there is some real catching up to do.

"Too many organisations fall into the trap of thinking BC involves little else beyond the recovery of IT or otherwise concentrating only on what you can easily and physically measure and making that important. However, this leaves out reputation, critical supply chains and much more. Better by far to work out all the features that are vital to the organisation and then setting out how to measure how important they are and how to protect and recover them".

He says there are a number of drivers for BC including protection of reputation, brand and image, customer service, shareholder value, legislation / regulation / corp. governance, increased complexity of business operations, increased interdependencies and insurance conditions.

Power says when compared to say the Y2K threat six+ years ago, BC has for many people, evolved far beyond just assembling a bundle of papers designed to spuriously reassure people that the organisation can somehow cope in a disaster. BC should now be seen as a constant process to match evolving business risk and threat conditions. It has to embrace the entire organisation, not just IT, to keep all key business operations working (albeit at other sites) whatever the threat. BC should do what it implies:
enable all key business operations (and their supporting structures) to continue in a crisis situation. It should dove-tail exactly with the stated company position on Corporate Social Responsibility (CSR), Duty of Care and Risk Management."