Risk Management

Working With You

We can help guide your team to identify, assess and prioritise risks, develop appropriate responses and implement robust assurance and reporting practices. This will improve your operational efficiency while fostering a culture of proactive risk management in your organisation

Elcern seeks to help clients better understand their risks in terms of both threat and opportunity

Even with an existing risk management approach that feeds reports to its stakeholders like funders and shareholders, its critical that the organisation learns from the sector, key commentators, risk studies and its own incidents to spot and tackle emerging risks and trends

Better understanding of the causes of risks is only one part of the approach. So often we find that the impacts of risks both as threats and opportunities are lacking in organisations' risk management approaches

On the threat side, that's often about quantifying financial, safety and reputational impacts. On the opportunity side its very much for us about helping the organisation make competitive or economic advantage from their ability to manage or accept a risk

Our Process

Using specialised tools and checklists we can advise on each individual stages of a client’s risk management processes. Here we draw on standards and our own benchmarks to identify gaps and improvement options. 

Risk Identification

We look for who the client involved in terms of stakeholders versus the business strategy and plans. Our checklists, and continuous peer assessments can support rich and deep brainstorming to try to ensure the big risks are brought forwards, versus the myriad of other risks that could be considered.

Risk Analysis

We can draw on benchmarks and market knowledge to test and support our client’s risk profiling of the identified risks. This stage can involve validating the client’s analysis process, including how it draws in past incident frequency and impact within the client and across the relevant market (see extract). Even at this stage we can help a client define, describe or amend their risk appetite versus the strategy and business plan in preparation to taking on appropriate risks.

Risk Evaluation

We can support or test the process used to prioritise the risks like bow ties and heatmaps. Heatmaps have their limitations and yet can be useful visualisations for your risk evaluations. They also serve to illustrate your organisation's tolerance for individual risks. 

Risk Reporting

We know how important a robust risk description is to getting traction on impact and frequency scoring to underpin a formal risk assessment. We can help you form a standard for how you want your risks described, and we can support your documentation of individual risks using that standard. A key aim can be to identify existing or required controls, monitoring and contingencies. We can then support the loading and maintenance of risk data for organisations that are using a cloud-based risk tooling.

Operational Risk Management

We can help bring forward the monitoring and dashboarding that may support management’s awareness and decision making. Here we may apply templates and process learnings to help each client tailor their risk information to what really matters to them. Communication processes can include supporting client’s use of tools like ServiceNow and Archer. Here its important that the risk management is more a background but key process and not a time-consuming duty to minimise risks of organisation fatigue.

Risk Governance

We can help check descriptions for the key roles needed to run the processes. This stage can include training client staff who may be unfamiliar with what has to be done and how much of their operational time should be given to this activity. Encouraging risk management to be a management tool rather than a compliance activity could be a key part of our training of client staff. Continuous improvements are also a key part of this stage.

Risk Management 
Insights

Looking at 
Risk Identification

Effective risk identification is a critical to successful enterprise risk management processes. This blog sets out some of our views on typical risks organisations especially those in digital infrastructure may consider in their assessments

Changing Temperature Impact
on Data Centres

 

Temperature data from the UK Met Office prompts thoughts on areas where data centre equipment, facility design...

 

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.