• BA As Detective
  • IIBA Podcast Episode 4: User Experience
  • Why Agile isn’t Enough Part 4: Lean Startup Learn Phase and BA Techniques that Enhance it
Monday, 26 January 2015 13:29

Strategy Spotlight: 3 Organizational Structure Risk for the Business Enterprise

Written by

lannon Jan27
Recently I delivered a workshop on Risk Planning and Analysis for the Business Enterprise. I was asked about the various levels of risk within an organization. In response to that question, I explained that there are many levels of risk that could be organized along standard company structure. My preference is to use three structure approach - - strategic, tactical and operational.

Strategic Risk: Generally strategic risk is at the enterprise level and requires a business risk management enterprise plan. There are many models that can be used. At this level risk management, planning and analysis should be part of the strategic planning process. An enterprise risk management plan should be created that addresses strategic planning elements, cultural risk appetite and attitude, governance, stress testing, identification, measurement, response and control.  These elements should be brought forward as a standard in the rest of the organization. On a regular basis the organization should complete an enterprise risk environmental scan to ensure they keep their business risk artifacts current. 

Tactical Risk: This level of risk is at the project management level. Often it is part of the project management process for key approved initiatives. Its objective is the successful completion of the project while addressing risk concerns effectively and efficiently as possible. Often tactical risk analysis requires that the organization have a risk management plan that provides the guidelines as to how risk is to identified, qualified, quantified, responded, controlled and monitored. Guidelines should be provided by the business enterprise so that project teams do not create their own risk management standards.

Operational Risk: The here and now of any organization is the operational level. It is what happening with the frontline of the business from your customer facing employees, the manufacturing floor equipment and product assemblers, to the field maintenance people. Operational risk varies by company and by industry. One thing is for sure, operational risk needs to be aligned with business guiding principles to ensure people and equipment is functioning appropriately. For example, safety is a huge issue in a number of industries. Therefore, risk response mechanisms need to be put into operational place to minimize risk impact.

Risk management, planning and analysis are a huge discipline that impacts all levels of the organization. It is not something that is meant to be done neither in isolation nor with a single group. When you consider risk management consider all levels of your company. Maybe by putting together a solid risk management plan there will be a less of a need to carry a rabbits foot.

Don't forget to leave your comments below.

Read 10163 times
Richard Lannon

Richard takes the audience on a powerful journey, engaging people, bridging gaps and building business brainpower for better decisions and solutions for your organization. An award winning speaker, international publication contributor, business author and radio personality, Richard researches, writes and speaks on how to structure, engage people and transform business through strategic planning and leadership development for business analysts, project managers, entrepreneurs and professionals globally. Alongside his cross industry experience is a cheeky and fun personality. When Richard speaks get ready to be edu-tained. With his no nonsense approach, stories and examples, Richard guides you to a renewed vision, common direction and an action roadmap for your business success.  

Richard Lannon can be reached via his Website , eMail, Twitter, or LinkedIn 

BraveWorld Web Logo SET sig 150401

© BA Times.com 2019

macgregor logo white web