When did you last review your risk register? Crises are inevitable, some are preventable, and many can be mitigated through good governance.
In the current crisis, companies that adapted quickest were those with clear, well thought through business continuity plans, a mitigation that should form part of your risk register. That said, the current situation has left even the most well-prepared companies more exposed if a second risk/crisis occurred such as the failure of a key supplier or the loss of key talent. Reviewing your risk register now is more important than ever before.
As well as mitigating a crisis, the quality of a company’s decision making is strengthened by a well thought through ‘living’ risk register. Good risk governance lessens the reputational impact of a crisis as stakeholders are more forgiving of a well governed company.
Companies on average face a crisis every 4 or 5 years; that’s at least one during every CEO tenure and 2 or 3 during every non-executive director appointment period.
Your risk register should be a living internal document that involves the collaborative efforts of your senior team or executive committee; these individuals understand the inner workings of the business and are vital in identifying the risks and in quantifying their impact and probability.
The board should review the risk register at least annually. Oversight from the directors is vital as it provides objectivity, constructive challenge and facilitates a board discussion on the company’s risk appetite and risk tolerance, a key factor for many external investors.
Want to come out of the COVID-19 crisis stronger and be better prepared for the future?
Is your risk register fit for purpose? Download our Risk Register template here: