Government Organisations tasked with risky business…


Times are changing for government organisations, and for many it’s going to come as quite a shock. When it comes to risk, we haven’t seen anything that’s actually required government agencies to set up a framework that really aligns to processes. The framework is aimed to fully manage risk and proactively put tools in place to mitigate any potential outcomes.

By the 1st July, under new guidelines, it’s time for organisation to progress beyond compliance.

Rod Farrar, Director of Paladin Risk Management Services has been working with organisations for years, helping them to develop and implement risk management frameworks for their business. He explained how in many organisations, if risk management is done at all, it is in a token manner and is mainly seen as a compliance exercise – it does not add value to the organisation in any way. Even with the introduction of the PGPA, there is a danger that Government Agencies will do just enough to be compliant but it’s time to start looking at the wider strategic and operational picture. If embraced fully, in the long term, there’s huge potential to achieve the national objective of doing ‘more with less’.

It’s time for change

What needs to happen between now and July 1st? According to Rod, organisations need to embrace the true benefits of ERM to achieve their full potential: “Many Government organisations are in a situation where they spend more time crisis managing than they do on risk management. If they start to see risk management as more than a compliance activity, one which is fully integrated into their other organisational programs, then huge efficiencies are to be gained.

“There are some key areas that need to change, and it has to start with a culture shift driven from within. To manage risk effectively, we need to be working in a no blame culture, where we learn from our mistakes.”

“When you have a culture that embraces open discussion around mistakes, people are more encouraged to prevent it happening again and therefore adapt new processes. There’s absolutely no capability of a risk framework succeeding if there is a blame culture.”

For many organisations, this would require a big shift in culture, with support needed from top to bottom

“Everyone is accountable for driving a positive culture, management need to lead through open communication, but all tiers need to embrace change in order to switch from re-active to pro-active. There needs to be a transition from ‘doing risk management’ to ‘managing risk.’

“I look around the public service now and government agencies have to come up with efficiency dividends. This is usually done by reducing staff numbers. If we managed risk properly, however, efficiency dividends may not be needed.

Where the benefits can be seen

It seems clear there are some real benefits to be had for the entire business when risk management is seen as more than just a compliance exercise. Rod described the knock on effect that has seen many organisations dramatically improve operations:

“Organisations are currently spending too much time managing a crisis. It’s been shown that managing crises costs more than proactively managing risk.

“What risk management will do – if it’s integrated properly with strategic and business planning, compliance, performance management and internal audit is reduce the amount of work an organisation is required to do and will significantly reduce expenditure.   “Risk management has also been shown to improve objectives, planning and relationships with stakeholders.

 “Simply relying on risk champions within your organisation to be the focus of the risk management effort will not work – the organisation as a whole needs to embrace the program within a well-structured risk management framework.”

Join the Masterclass

During Enterprise Risk Management 2014, we’ll be holding a brand new one day masterclass: Governance, Risk and Compliance. Not sure whether it’s for you? Find out more

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s