People usually think of risk as a bad thing – the exposure to danger, harm or the potential for losing something of value. Whilst it is essential that business leaders identify and reduce the likelihood of these consequences, it is equally important to consider how the same sources of risk can represent opportunities to strengthen the business.
I’ve recently discovered that the added-value potential of opportunities can be determined in a very similar way to assessing the risk of harm. Its not at all difficult and can add rigour to the planning process, highlighting the actions for the business to prioritise.
The new ISO management system standards define risk as the “effect of uncertainty”. An effect is “a deviation from the expected – positive and/or negative”. Uncertainty is the “state, even partial, of deficiency or information related to, understanding or knowledge of, an event, its consequences and likelihood”. This tells us that risk is not necessarily a “bad” – its just something we all need to manage.
The primary task of business leaders is to meet or exceed stakeholder expectations. Typical stakeholders include customers, workers, supply chain partners, regulatory authorities, investors and the general community. It is fundamental to good business management that business leaders know who their key stakeholders are.
Non-fulfilment of interested parties’ expectations poses strategic risks beyond mere reputational damage – loss of a key customer, huge financial penalties, court action or revocation of the site license to operate.
Executives who are proactive and improvement-focused determine key stakeholders and put processes in place to actively engage with them. Common expectations that relate to the environment are the prevention of pollution, energy and resource efficiency, biodiversity conservation and the minimisation of nuisance impacts – noise, vibration, odour and dust.
For worker health and safety, its the elimination of hazards and the systematic reduction of work-place accidents, injury and ill-health. Many of these broad expectations are shared by more than one stakeholder group – so its not too difficult to conduct a simple, top level review and keep it up-to-date.
But businesses don’t exist in a vacuum. Proper identification of the sources of risk and opportunity involves more than knowing customers. It involves scanning the entire internal and external environment to determine the relevant issues at any given time.
Consider the political/regulatory situation; economic/financial issues; social/community expectations; technological advancements and the natural environment – mother nature herself. These are sources of risk and opportunity that are constantly changing.
Most HSEQ systems lack a clear and transparent process for stakeholder needs identification, risk and opportunities assessment and the incorporation risk in decision making. But doing this well is not only good business practice, its a requirement of the new international standards.
We’ve developed a set of tools and can create a customised workshop to help your organisation incorporate these new requirements into existing management systems. Feel free to call me, (Suzy) on 0418862899 to discuss your particular needs.
This article was updated in May 2018 to reflect the release of ISO45001:2018.