Risks appear in a business no matter what you do as there are things that happen outside of the boundary of your influence. Things like changes to tax laws, HR matters (like diversity) and alterations to best practice by industry bodies. Each business has to review these risks and take the appropriate view for them and make any changes required once one of these things is bought to there attention.
The fly in the ointment is that there are some things we don’t know, and in law – ignorance is no defence. How are you meant to through life without getting hit in the back? The answer – Get familiar with your surroundings.
The Companies Act (2006) has a raft of “bits and pieces” that every company director (or senior manager in some cases) needs to understand and pay attention to. In fact there are 7 of these little ditties in the Companies Act (2006) that need to be noted and a decision made about what to do about them.
Insurance isn’t the only solution to everything, but it can offer good protection (or mitigation) to particular risks.
Your job is to decide which risks should be insured against and which should be mitigated in another way.
The most popular way (from a regulatory perspective) is policies and procedures.
Why do we need them? because everyone has to evidence what has been agreed. Policies are agreed by the board, or the owner(s) of a business, once presented by the director responsible for that part of the business. That could be finance, customer services, operations, marketing, IT, etc.
What is common to all elements is that they should all address the risks that have been identified for this business. It doesn’t matter, at this stage, whether they are based on legal requirements, the practice with the sector, or the practice for that particular set of documentation
Let’s take a look at HR for a moment. The major contributor, outside of legal frameworks, of documentation required to help support the risks that appear as soon as you employ someone is probably the standards set by CIPD. A cross-industry body like this carries great sway with regulators and these recommended standards should help businesses identify risks that they may not otherwise know about.
The other areas, mentioned above, can carry risks that straddle laws and regulations as well as those that are mentioned in other cross-industry standards like ISO.
Here’s some examples of how they can help:
Directors and managers know how to quantify what good looks like.
Staff know what level of competency they need to do to comply with their role.
Everyone will know where to turn should things need escalation.
The bar of acceptability is clearly set for everyone to see.
Effective policies and procedures help you become more efficient and can promote your business through obtaining certifications. These certifications help you be more trusted than your competitors and become a preferred partner.
If you have not reviewed your policies and procedures in the last 10 years, you are definitely going to be behind the curve and there’s going to be a lot to catch up on.
Our current business environment is moving faster than ever and the longer you leave something, the more critical – and maybe costly – the change you need to make will be.
Let’s not garble the message here. Good Risk Management means regular, and meaningful, review. Look for what isn’t quite right for now and for where you want to be . Knowing where and how to make smaller changes is better for everyone concerned.
It is so easy to apply the equivalent of a sticking plaster to cover up what is wrong. Just like the plaster you don’t necessarily deal with the problem underneath it and it can fester and make matters worse rather than better.
Unlike our bodies, our businesses never heal themselves. But like us, our businesses sometimes need a little bit of specialist help.
This means that the sticking plaster can be removed and a bright new shiny piece of your business can shine through.
Risks are found all over our businesses. Some are obvious and some are not. Worse, the ones that are obvious to some are oblivious to others. This reminds me of the conscious competency ladder, that one of my good friends utilises to great effect. You don’t know what you don’t know. Once you do know what you don’t know you have the choice to fix it.
Some things are relatively minor and while you now know that these potential issues are there you make an active choice to prioritise something else over fixing this risk. That’s acceptance – and we naturally do this in our own lives many times every week.
But what about those things that have real potential to do damage to your business. You’d fix them right? Sadly there are too many businesses chasing profit and efficiency that they forget about something else. Effectiveness.
Effectiveness doesn’t mean that you have to control the life out of something so that things will never go wrong. That’s impossible. As humans we are programmed to learn and improve. That is the real meaning of effectiveness.
In your business there will be opportunities for effectiveness because it will massively cut the likelihood of something going seriously wrong.
Effectiveness means making our actions count. Providing better customer service means reduced likelihood of complaint and greater opportunity for repeat custom – even gaining advocates. Who doesn’t want that.
It should never be just the result that counts, you will never have a secure business moving forward in this manner. Yes everyone learns and we can’t always get everything right first time. The way to win is to get everyone to work to the same goals, in the same way by understanding the ethos of the business.
So many businesses are now under the review of one governing body, or the provider of an accreditation, that how you get to the results matters just as much as the end result.
There’s only one way that this can be achieved and that is to make everyone understand and follow your right way of doing things. You should be looking to employ staff with personality traits that fit both the hole in the demographic that your personality profiling highlights and that do not clash with the ethos of your company.
The only sure way to get this through everyone is to communicate it – and from the top down too. A single message is, by far, the best way to let people know how your business ticks and what the key drivers are.
The risks in your business don’t care whether you can pay your mortgage or not. They concentrate on whether you business can survive, let alone thrive.
Good Risk Management can make a serious improvement to your business. It can be extremely healthy when dealt with by the right pair of hands.
If Richard Branson can acknowledge that his staff are one of his greatest assets why can’t you? Why, also, should they be bogged down by processes and systems that are ineffective? Effectiveness is better than outright speed for everyone involved.
Why should anyone not have easy access to information (yes, policies and procedures) that would make their job easier without losing the reputation for the quality of the product(s) that you provide?
Don’t allow issues to fester underneath a sticking plaster. You wouldn’t allow that to happen to you, so why allow it for your business?
Make sure you have the right toolkit for your business. Yes there will be standardised things, employment contracts, service contracts, policies, procedures, insurance, quality standards, but there’s so much more too.
Don’t let apathy and complacency damage your business. It needs care and attention to keep it going. To get it to thrive takes a lot more.
All of these nuggets underline the importance of good risk management. Getting it right will improve the bottom line because everything else will fit better.
Your governance process is what brings all of this together. Yes it’s important. Yes it’s probably the most boring part. Without dotting the “I’s” and crossing the “T’s” all of your hard work to now can easily be undone.
One reason people shy away from it is this: “If we know this is what we want to do, why do we have to do this part as well?”
The answer is completeness. Without the proof that everything has been done right and that information has bee shared correctly, your risks are not adequately covered.
Well, as it says in my main introduction to Governance (found here), Governance is a framework that brings together all of the practical elements of theory together in a single place. No-one will have the excuse of “I didn’t know”, or when was that decided, even who decided that then?
Nothing is more important than knowing you are following a proven route to improve how your business does what it does.
Remember that old saying, “fail to plan pan to fail”. Good Governance provides an effective way of knowing what you believe is around the corner. It won’t solve everything as there are always surprises in store, the Government will see to that.
Registered Address:
55 Crown St, Brentwood. CM14 4BD
Tel: 020 3026 5600
Mob: 07943 211611
Monday:
Tuesday:
Wednesday:
Thursday:
Friday:
Saturday:
Sunday:
8 am – 6 pm.
8 am – 6 pm.
8 am – 6 pm.
8 am – 6 pm.
8 am – 6 pm.
Closed
Closed
