June 26th 2012 was the inaugural World Risk Day. Its aim is to both encourage businesses to think about risk in smarter ways, embedding this thinking within their organisations and to ‘provide a global forum for business leaders to share best practices on how taking smarter risks drives corporate strategy, improves business confidence, and grows profits’. Moreover:
‘World Risk Day is based on the premise that the smarter management of risk can create big benefits for an organization. Many enterprises today are trying hard to increase their corporate risk maturity to gain visibility of risks and opportunities across their business. Risk directly impacts profitability and drives competitive advantage, but many conventional approaches to risk focus solely on compliance, leaving these benefits on the table.
World Risk Day is all about elevating the conversation around enterprise risk management and discussing how risk management is a strategic imperative that can create opportunity for an organization’.
In this sense, importance is increasingly placed upon risk assessment through ‘horizon scanning’ and the detection and response to emergent threats in a way that assures stakeholders or investors that all is ‘under control’, that the company has the ability to ‘bounce-back’ from such disruptions. For example, Yossi Sheffi, (2005) in The Resilient Enterprise, explored the response to disruptions that occur in private sector business functioning. He illustrated how this is focusing not only on security that might be deployed but on ‘corporate resilience’ and how it is possible that investments made to embed such resilience might in turn be beneficial in terms of ‘competitive advantage’. Reputational risk is also important here and requires careful management and will involve risk identification, prioritisation and developing appropriate responses, in order to build a robust and integrated risk management system that can forge a sustainable reputation. In short, the management of ‘reputational risk’ is now seen as a key element of good corporate governance and should be able to identify and proactively plan for events that might impact either positively or negatively on the organisation’s reputation and brand. Therefore resilience is seen as a key component of reputational risk management.
Such strategic thinking is now playing an increasingly important part in emergency situations and specifically in ensuring businesses continuity – a key aspect of urban resilience. Business Continuity Management is seen as “a management process that helps manage the risks to the smooth running of an organisation or delivery of a service, ensuring that the business can continue in the event of disruption”. From an Australian perspective Carl Gibson and Michael Tarrant have highlighted how organisations should enhance adaptive capacity to ‘better understand and address uncertainty in our internal and external environments’ arguing that ‘the basis of organisational resilience is a fundamental understanding and treatment of risk, particularly non-routine or disruption-related risk’. In a similar way Margaret Crichton and others in a 2009 paper entitled Enhancing Organizational Resilience Through Emergency Planning: Learnings from Cross-Sectoral Lessons argued, through examples drawn from emergency simulation exercises, that learning lessons from such events is vital and it is noted that:
‘organizations can become wiser by looking at incidents outside their own sector and by using these recurring themes to explore the resilience of their emergency plans’.
The focus on risk and risk management promoted by World Risk Day highlights a number of overarching questions for leaders of business and services: How then do businesses and organisation build and embed risk management processes into their strategic planning? How is this done proactively and hence more effectively to improve the adaptive capacity and resilience of organisations? How do organisations learn from the previous mistakes and weaknesses of themselves and others whilst increasing their resilience and protecting their brand? Do flexible, agile and joined-up organisational forms make them more resilient? And, perhaps critical in an austerity era, what are the costs and benefits of deploying such future proofing strategies?