The production lines operate at maximum capacity, order books are full, and the next delivery date is at hand. The last batch is just leaving the coating line when the red light flashes: there are uncoated spots clearly visible on several parts.
Happily, this is not a major issue. The affected parts are stripped, cleaned and sent back to the coating line. Half a day later, the lot is ready for shipment.

Quick fix versus sustainable solution

You probably know similar situations, not only from a production context, but also from other parts of an organisation. A deviation is observed and almost instantaneously someone puts forth a solution – and often this solution remedies the deviation.
Unfortunately, most of these solutions are mere quick fixes, which only address the symptoms. They correct the observed deviation but not the underlying problem which caused the deviation in the first place. Thus the deviation is likely to re-occur later.
In contrast, a sustainable solution does not address the symptoms but the root cause. To address the cause generally requires a bit more time and effort compared to a quick fix. However, it also prevents the same mistake from happening again.

Reasons for a deviation

A deviation in this context means that the actual result does not line up with the expected result. This may happen due to two reasons: either the assumptions on which expectations are based are incorrect or there are flaws in the implementation.

Incorrect assumptions

If you are implementing something new, deviations are often caused by incorrect assumptions. Whether it comes to product development, process optimisation, or the implementation of new tools or methods – you always step out of your experience and explore a new terrain.
In a new environment with only partial information, expectations are mostly based on assumptions, either about the environment, functionalities or causal links. It is important to be aware of these assumptions.

Implementation flaws

If the expected results are not based on assumptions but are derived from a sound understanding of how various factors are correlated and interconnected, deviations often result from flaws in the implementation. It is well-known how to achieve the targeted results, but once or twice this best practice approach was abandoned.
This type of deviation is often observed in areas with clear and stable processes in place like large series production or other frequently repeated processes with low variance.

How to address deviations with long-term success?

If you want to get rid of a deviation once and for all, you should follow a three-step approach:

Analyse the deviation

First of all, you need to understand the type of deviation you are dealing with. Ask yourself whether your expectations are based on an extensive process knowledge or on mere assumptions. If the latter is the case, try to understand which assumptions you have made.

Analyse the root cause

Next, you need to understand the root cause of the deviation. You need to understand which assumptions were incorrect or where the way you implemented certain steps had flaws. Tools like 5-why or Ishikawa are quite useful.

Derive and implement measures

Once you understand the root cause you need to address it. If the cause is a flaw in the implementation, you need to ask: How can I prevent the process from slipping again? The answer usually is to be found in the design of the process or the control mechanism.
In the case of incorrect assumptions, you first of all need to replace faulty assumption. Afterwards, you need to assess how, based on your updated knowledge, you ought to proceed.
If you follow the three steps sketched out above, you will not only be able to correct deviations and failures but also come up with a sustainable solution and thus improve the quality of processes on a long-term basis.

The consultants completed their job and the corporate strategy is defined. After a two days’ workshop and three or four iterations of the report, the results are great: The company’s vision is now realigned, goals and targets for the next fiscal year are defined and a detailed action plan is derived. Shareholders, directors and management are satisfied and fully support both strategy and action plan.

The team enthusiastically starts working on the tasks, but soon daily business becomes top priority and strategic work is hardly performed. It is obvious in the mid-year review that the team will not be able to complete all the initiatives defined in the strategy workshop – and at the end of the year just one single project out of a dozen is completed and only one more reached implementation status.

Strategic planning vs. operational reality

I regularly come across stories like this. A corporate strategy is defined and a project for implementation is initiated. However, completion of the project fails because operational tasks are prioritised. There are many reasons, but you can make out some generic themes.

Assumed ability for change

“We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten.” This quote from Bill Gates is a fair summary: In the strategic planning for the next one or two years we often assume that we can achieve almost anything we’d like to. That the proposed change would be too much for the organisation, is only considered after the implementation failed.

Available resources
To implement a strategy, you need resources. If a company’s staff is busy with operational tasks, the organisation is simply not able to drive strategic projects and initiatives.

Lack of focus
And even if resources are available, daily business often compromises strategic work. It is the daily business which generates cash flow. Therefore, there is always a tendency to allocate resources to operational tasks, even if they were originally planned for strategic projects. This behaviour boosts short-term performance (and may be reasonable in some instances) but mostly results in issues with long-term strategy implementation.

Successful strategy implementation
I do not deny the importance of strategic planning, but it is the implementation of a strategy which supports success. To realise your strategy and thus secure long-term success of your company, you should focus on three things:

Realistic planning
The cornerstone of successful strategy implementation is realistic planning. Be true about what you and your organisation can achieve and plan accordingly. I propose to ask yourself two questions:

  1. What is it that I should do?
  2. What am I capable of doing?

In case you are not sure about the answer to question 2, you should work with priorities. This allows you to guide strategic initiatives according to their importance.

Providing resources
Once the planning is completed, you need to check whether you have the required resources for implementation available. This should include finance, skills and manpower. In case you identify a need, closing the gap is priority No 1. F this is about skills and manpower, you can either hire staff or engage a consultant.

Keep you focus
It is important for those responsible that they keep their focus on implementing strategy. Therefore you ought to make sure that managers and employees have sufficient free capacity for strategic initiatives.
In case an employee needs to be re-allocated from a strategic project to another task, you should carefully consider all aspects of the respective decision. You should not take such a step unless you are sure that the long-term benefit of an additional operational effort exceeds the value of the strategic project. Besides, such a decision should be documented – including the reasons for the decision.
If you plan realistically, provide the required resources and ensure that the team keeps its focus, you will probably be able to implement your strategy. And with a successful implementation of your strategy, your company will economically thrive.

 


The presentation of the project idea left everybody euphoric. The proposed product will revolutionise the market, return some 150€ to 200€ for each invested Euro and the market share in the target segment will rise above 50%. As this will also increase brand awareness, revenue and market share of the existing products is also expected to increase – and the company will be able to open up entirely new markets.
The next day the project is kicked off and the team starts working. However, the first project report is a frustration. Because the high level of uncertainty, the detailed risk evaluation reveals that the project risk is almost as high as the profit expected from the new product. After lengthy discussions, the project is given up just a few weeks after its kick-off.

What happened?

At first glance this story is an example of how risk analysis should support decision making. A promising idea was presented, a project for its realisation kicked off and risks and opportunities were analysed. With the new information the project was re-evaluated and then discontinued because the risks was seen as too high.
If you take a closer look at the facts, things are not as simple as they might look. The decision to stop the project was based on a comparison of the project risk and the projected product revenue. This comparison neglects other benefits of the new product for the company besides the revenue of the product itself.
The increase in market share, the positive effect on existing products and the opportunity to find new markets was not included in the decision. As all these factors have a positive impact on the company’s bottom line, one may assume that the company would have been better off with the project – even if the project risks are significantly higher than assumed in the beginning.

How to avoid such mistakes?

Silo mentality is still a reality in many companies. This facilitates situations as the one described in the beginning: Information is evaluated within only one part of an organisation. Decisions are based on the needs of a subset of the organisation and thus are rarely the best possible solution for the entire company.
To avoid this pitfall, you need to break the silo mentality. This can be achieved by a scenario approach (see “Four requirements for scenario planning” https://rno-consulting.com/en/vier-anforderungen-an-die-szenario-planung/). In the given setting, a three-scenario set-up is probably the best approach. However, it is important to create the scenarios from the company’s point of view.

Reference Scenario

The reference scenario describes the company’s future assuming the evaluated project will never be kicked off. Thus, it represents the status before putting the idea into practice. In companies which regularly use scenario planning, this scenario should already be available and therefore ready for use.

Nominal Scenario

The nominal scenario represents the development of the company if the project is completed as assumed. Usually, such a description is part of the initial project proposal and can be taken from there. The difference between the reference scenario and the nominal scenario represents the expected benefit of the project.

Risk Scenario

The risk scenario is a combination of the nominal scenario and the latest project risk evaluation. This scenario highlights the expected developments based on the identified and evaluated risks and opportunities.
The benefits of such an approach are obvious. By including the risk information in a scenario, all effects on the company are considered – and not only internal project effects. A comparison of the risk and the reference scenario shows the benefit which can be expected from the project. In addition, the difference between the nominal and the risk scenario highlights how far the project deviates from initial assumptions.
These three elements help to avoid faulty decisions like those in the above example. As a result, this approach is essential to successful risk management and, in the end, to economic success.


On hearing “continuous improvement”, many people thing of the Deming circle or PDCA: plan an improvement, implement it (do), check the results and act upon the them. Once the cycle is completed, it starts anew and thus realises continuous improvement. The second thought, however, may probably be something like “But it’s not that easy!” or “The theory is fine – but it never works that way in real life!” – and considering all the failed initiatives to implement continuous improvement, these thoughts are understandable.

Nevertheless, PDCA is an effective tool to implement continuous improvement. As in many cases, the problem is that this instrument is applied in the wrong way: surveying failed process improvement projects, one comes to the conclusion that mostly the use of tools is responsible for their failure – and not the tools themselves.

Process optimisation as cause-and-effect chain

Process optimisation along the lines of PDCA basically follows the logic of a cause-and-effect chain. An existing process is deliberately modified (= cause) and as a result the efficiency or effectiveness of the process improves (= effect). This sounds trivial but, far from it, actually significantly impacts the approach to process optimisation.

Causal relationship between cause and effect

If process optimisation follows the logic of cause-and-effect chains, then there is a causal relationship between cause and effect. This relationship is created by the process which is to be improved and the interfaces with other processes.

Generally, these causal relationships are not just linear dependencies but form complex networks. These networks are normally not limited to the process to be improved but linked to other processes and activities by interfaces.

Explicability of the effect

Another consequence of process improvement as a cause-and-effect chain is that you can explain the effect of any process modification. Causal relationship provides a rational explanation why a certain effect results from a given cause.

The rational explanation may be used in two ways. If the causal network is known, the effect of any modification can be predicted. Likewise, if both cause and effect are known, the causal network can be reconstructed.

Optimising causal networks based on PDCA

Given the implications of process optimization as a cause-and-effect chain, PDCA is ideal for continuous improvement. In this context, the respective steps are:

Start

Before first applying PDCA, the optimization target needs to be defined (see „How to optimise internal business processes“ [Link: https://rno-consulting.com/en/how-to-optimise-internal-business-processes/]). The target should be clearly defined and quantified whenever possible.

Plan

Based on the current understanding of the process, i.e. its causal network, an optimisation step is worked out which modifies to process depending on the defined target. Having done so, both the necessary measure (= cause) and the expected outcome (= effect) have to be described.

Do

The described step is implemented, with a constant monitoring of the resulting effects on the process.

Check

Once the optimisation step is implemented, the actual effects are compared with the expected ones. If the observed results match those expected in the plan-step, the PDCA iteration is completed. In case the overall target is met, the optimisation cycle is completed, otherwise another iteration begins (i.e. plan).

If the observed results were not expected, the current process knowledge needs to be adjusted. To allow for such an adjustment, it is essential to understand why the implemented change resulted in the observed effect.

Act

Once the causal relationship between the implemented measure and the observed effect is established, the knowledge about the process needs to be updated accordingly. The updated knowledge will then serve as a basis for another PDCA iteration.

Benefits from PDCA process optimisation

Using PDCA for process optimisation requires thorough application, which may prove difficult in busy day-to-day operations. Most of all, the analysis of unexpected effects is readily skipped in favour of quickly implemented fixes.

However, by sticking to the steps described above, you will win twice: First, you will achieve the set targets for process improvements. Second, your knowledge about relevant processes will increase.

You surely know such sentences:

  • “We have to do it this way!“
  • “There’s no other option!“
  • “It’s the only way to get through this!“
  • “There is no alternative!“

Such phrases are often used to justify unpopular decisions, not only in politics, but also in companies, clubs, or schools, i.e. not only the decision makers Themselves, but also other people are affected by the consequences of a decision.

The attractiveness of presenting decisions as the only way

Presenting something as the only alternative, as it is suggested by such phrases, does have its advantage: it makes matters seem urgent, and urgency is a pivotal element in change processes [1]. Also, if deviating paths of action are excluded right from the beginning, those concerned are discouraged from thinking about other options. So for a decision maker, putting forth a decision for which there are supposedly no alternatives definitely has its pros.

However, deciding on a single-option basis has serious disadvantages. If there is only one option to choose from, the actual decision has already been taken elsewhere. Thus you can assume that the decision makers will not back up their “decision” as they would do if they had really taken a decision on their own. In the context of change processes, this will weaken the leading coalition and not strengthen it [1].

Another effect of signing off on a decision rather than sincerely taking the decision is that decision makers will not think about and discuss a matter as thoroughly as they should. Therefore, an option for which there is no alternative way of action is hardly sufficiently elaborated and regularly not the best option for the organization.

Developing single option strategies?

Unfortunately, decisions options without alternatives are often difficult to recognise. Whenever there is only one answer to a strategic question, only one solution to an entrepreneurial problem, only one option in a decision paper, someone is trying to apply the concept of no alternatives.

This may not be done out of bad will, but unconsciousness does not make this approach any better: Such a decision does not match the ultimate potential of the organisation. Important strategic decisions are taken without sufficiently discussing the underlying problems and searching for different courses of action.

Strategy development as decision process

You can easily avoid single option strategies by conceiving strategy development as a decision process which features a real choice [3]. The idea put forth by Lafley et al. is based on a simple jet effective approach: For each strategic decision, define at least two contradicting options to choose from.

The resulting success is enormous. Since there are two or more competing options, discussion on the decision become more intense, the pros and cons are thoroughly discussed, and assumptions are critically reviewed. The outcome is a higher quality of strategic decisions.

Improved strategic decision making

In order to leverage the potential for increasing the quality of strategic decisions, a four-step approach can be used:

  1. Define alternative options;
  2. Identify success requirements and obstacles;
  3. Analyse feasibility and prospects;
  4. Decide on one option.

First, the decision options need to be defined. It is important that there are at least two options. These should be formulated in a way that only one of them can be implemented as the process is about choosing the best option for the company and not arriving at a compromise.

After drafting the strategic options, the requirements for a successful implementation and its obstacles need to be worked out for each of them. By sketching out the respective requirements you create a baseline for further evaluation.

Next, data need to be collected which supports or refutes the strategic options. The data available at the end of this step should be sufficient to judge the success and implementability of each of the options defined in the beginning.

Once all information is available, the final strategic decision can be taken. As the different ideas have been thoroughly considered throughout the decision making process based on hard data, the resulting decision on the company’s strategy is better adjusted to the actual situation of the company.

[1] J. P. Kotter (2012). „Leading Change”. Harvard Business Review Press: Boston, USA.

[3] A.G. Lafley et al. (2019). “Die Kunst der Strategieplanung”. In: Harvard Business Manager, Edition 1/2019, pages 44-53.

Active risk management helps companies to deal with insecurities, to reach operative and strategic goals and to improve the performance of the management system [1]. This makes it an important element in safeguarding entrepreneurial success. At the same time, risk management does not add direct, but merely indirect value, by avoiding risks or exploiting an opportunity.
Regrettably, legal requirements like the German Stock Corporation Act [2] do not provide sufficient hints how this task of optimisation can be solved by the individual company. However, the maturity concept for risk management offers helpful guidance as the model’s levels of development can be easily linked to the structure and characteristics of a specific enterprise.

Maturity Level 1: Linear companies

The first level of risk maturity is represented by companies characterised by linear structures. These companies are typically relatively small, have a limited portfolio of products and services, and their target market is clearly defined. As a result, the risks arising from the direct environment and internal processes can be easily handled by one person.
Accordingly, it is rather simple to meet the requirements for a risk management system in such settings. The only thing a company has to do is to make sure that there is at least one person who systematically keeps track of risks and evaluates them. Moreover, it must be guaranteed that this person takes a responsible part in decision-making processes and that relevant information about risks are duly considered.

Maturity Level 2: Ramified businesses

Businesses of the second level are marked by a ramified system of structures, resulting either from a division of labour (e.g. development – manufacturing – sales), parallel marketed products and services, or different target markets. This means that the company can no longer be controlled and managed by a single person alone, while each of the branches within the company structure still have the features of a linear enterprise.
Efficient risk management under such circumstances demands that it be shared: In each branch at least one person should adopt the role of a risk manager in charge of identifying, assessing and addressing risks in the respective area. If in all parts of a company this is to happen in more or less the same way, tools and processes for risk management have to be clearly defined and aligned with each other. Within these branches it is the risk managers’ job to make sure that the information about risks is sufficiently taken into account when decisions are made. To ensure that this is common practice even on the top management levels, a system of filing and transmitting information has to be created. In this way information collected on lower levels of a company will be equally accessible to higher levels.

Maturity Level 3: Matrix companies

Complex companies are characterised by a matrix structure. Communication and decision-making does not take place in a linear top-down or bottom-up manner, but both horizontally and vertically. As a consequence there are many interfaces where information has to be exchanged and decision-making is increasingly decentralised. Going along with this, information about risks has to be available at many different places. Decision-makers have to be capable of dealing with this information to handle risks and opportunities* effectively.
To meet these requirements, an effective risk management system must have tools and processes that run smoothly. It should be clearly defined where there are interfaces between different areas and how risks are transferred and re-evaluated in different settings. Also, information about relevant risks have to be accessible to all people who are responsible for making important decisions. At the same time, staff members need to have the necessary knowledge about risks and opportunities and the technical expertise for dealing with them. Their skills should comprise the ability to identify and assess risks, and to integrate them into decision-making processes. In this way the collected information about risks is sufficiently accurate and the information can be used efficiently and adequately.

Maturity Level 4: Risk-taking companies

Companies of the fourth stage have a high level of risk-taking, i.e. these companies systematically try to exploit opportunities by taking calculated risks, which, once a reality, can endanger the company as a whole or in parts.
It is an essential element of these companies’ business models to create an ideal balance between opportunities and risks. The requirements that matrix companies have to meet in terms of risk management have to be fulfilled for opportunity management as well. What is more, performance indicators should help to assess how efficient the respective risk and opportunity management strategies are. These indicators should of course be under constant surveillance and modified where necessary.

Maturity Level 5: High risk companies

The keyword “high risk companies” comprises two different types of enterprises: those whose main business is managing risks and those for which risks, once a reality, will have a desastrous impact on their environment.
In both cases it is essential to have effective risk management strategies. This requires that all risk management processes be systematically and constantly improved, on the basis of adequate performance indicators. Companies whose main job is risk management should also apply this to opportunity management.

 

[1] DIN ISO 31000:2018 Risk management – guidelines

[2] §91.2 AktG (German Stock Corporation Act)

*According to the definition [1], the term “risk” signifies both negative and positive effects of uncertainty on targets. In contrast, following the common usage, we here use “opportunity” for positive and “risk” for negative effects.

Internal business processes often cost a lot of time and money, as it is the efficiency of industrial processes that determines how much time and money is needed on all levels of a company, from manufacturing to business management. Thus optimising internal business processes has a direct impact on the performance and financial success of companies.

The concept of process optimisation

Process optimisation is nothing new. Ever since James P. Womack’s bestseller “The Machine that Changed the World” from the early nineties, Lean and other approaches to process optimisation have become common management practice. When you submit the keyword “process optimization” at Amazon, you are offered hundreds of books on this very subject.

Considering the vast offer of methods, tools and implementation assistance, today’s industrial processes should be perfect. There should be no waste of resources. It should be natural – and no longer be a competitive advantage – to have optimised processes however complex they be.

However, even almost 30 years after Lean & Co found their way into business, reality still looks different: People responsible for shaping internal processes act according to the motto “We’ve always done it like that”; in spite of changing environment, no adjustments are made to internal processes; things that go wrong are addressed only superficially rather than being used as a starting point for a thorough revamp; and attempts at initialising process optimisation regularly come to nothing.

5 Steps to Successful Process Optimisation

If you want to make sure that processes within your company run smoothly, without waste of resources and that your next process optimisation leads to a sustainable increase in productivity, you should follow these five steps:

1. Set your objectives accurately

Before starting to optimise internal processes, you should define what exactly it is you would like to improve: Are you concerned about reducing costs, enhancing quality or speeding up response mechanisms? Or are you going after something more complex, like, for instance, customer satisfaction or staff loyalty?

Besides defining the objectives, you should also consider how to measure success. This includes the data to be recorded, the timing of the data recording and any calculation required to evaluate progress.

2. Get to know the status quo

Having defined your objectives and targets, you should familiarise yourself with the current state of affairs within your enterprise. Knowing the status quo will help you identify weaknesses, outline the need for improvement to those involved and carving out starting points for process optimisation.

Furthermore, the analysis of the present state of affairs will help you to check how useful the criteria are which you have chosen for assessing success. At the same time, you build up a coherent frame of reference for your improvements, so that you can measure quantitatively how effective your methods are.

3. Choose a suitable method

The third step is about choosing a method suitable for the set target. Even if various industry pundits suggest something different – there is no one and only path to follow. Therefore, you have to find out yourself which of the available methods is most likely to lead you to success.

In case you should not have the necessary know-how in terms of proper methods and tools, or if you lack orientation in the jungle of approaches and strategies at hand and feel unfit to make a wise and informed choice, you can rely on the assistance of experienced management consultants. In this way you will prevent yourself from missing your targets just because you used inappropriate methods, hence safeguarding your economic success.

4. Get your optimisation project going and done

The next step is simply put: You have to put your project of optimising internal processes into practice. It goes without saying that this should be done comprehensively and with meticulous care, for otherwise the set targets cannot be fulfilled.

During the process of optimisation you should keep an eye on the measurements you have chosen to assess your progress. This will help you see at an early stage if the measures taken have the desired effect or if you might have to modify them.

5. Integrate your improvements into existing structures

Now only one last step is missing, which, however, is often overlooked although it is vital: Processes carried out by humans have a tendency to fall back into old, deeply ingrained habits. To avoid this, you have to make sure the new processes are firmly anchored, i.e. you need to create mechanisms to prevent this regression.

If you keep these five steps in mind when optimising internal business processes, you will truly improve the efficiency and financial success of your company and secure its long-term success.

Making strategic decisions in an insecure, constantly changing environment is challenging for two reasons: first, the changes a company faces are normally unpredictable and second, in most decision-making processes there are systematic weaknesses.

Using scenario planning to improve decision-making processes

According to Kees van der Heijden it is several different mechanisms that systematically paralyse strategic decision-making processes. In his studies he identifies seven such mechanisms which individually or in combination can cause a strategic paralysis of companies:

  • Ingrained, inflexible attitudes
  • contradictory, unaligned perception
  • prejudiced way of receiving and interpreting information
  • embedded biases
  • risk aversion
  • overconfidence
  • misjudging the accuracy of one’s own predictions

These mechanisms can easily affect decision-making processes in a negative way, especially if the environment of a company is exposed to substantial change. All this leads to errors in strategic decisions and, eventually, economic failure.
One way of avoiding these traps is scenario planning. Scenario planning visualises possible future developments. This process, usually cooperative and drawing on data from different sources, bypasses the pitfalls listed by van der Heijden. It systematically improves the effectiveness of strategic planning, which, in turn, will become more responsive to shifting circumstances.

Key criteria for scenarios

If scenario planning is to have such a positive effect on decision-making processes, the developed scenarios have to meet the following criteria:

Relevant

The forecast spectre of developments drafted by scenario tools must be relevant to the decisions in question. This means that scenario planning must take account of all dynamics that have an impact on relevant decisions and their consequences.
In a similar way this is true for the specified timeframe: for a comprehensive evaluation it should cover the whole range of possible decisions and their effects. If the created scenarios, however, go significantly beyond this time span, they might distract attention from essential issues.

Comprehensive

Apart from being relevant, scenarios should also be comprehensive. In this context the term ‘comprehensive’ means that both uncertainties and certainties are considered. Uncertainties, i.e. dynamic situations and constellations which may develop in any direction, form the basis for thinking up plausible futures. However, certainties, i.e. factors whose future development can be easily predicted, are just as important in scenario planning because they help scenarios remain realistic.

Sufficiently revealing and realistic

The scenarios created by scenario planning should be sufficiently revealing. This means that they should extend the scope of possible futures and their timeframe as far as possible. If this requirement is met by two, three or more scenarios depends on the specific case in question.
At the same time, the scenarios should remain realistic by remaining within the scope of the prognosis. This scope should be made plausible, wherever possible, by available data and studies.

Restricted

Every scenario developed in the context of scenario planning should be restricted. Scenarios are no predictions of the future, but describe a possible way that things might turn. Such an outline has a clear beginning, usually the present, and a defined end-point, which is the end of the timeframe under consideration. Between these defining points lies the description of a development which begins at the starting point and goes through right to the end-point.
If these four criteria for scenario planning are met, the scenarios will be a strong tool to avoid the described weaknesses in decision-making processes.

Increasing uncertainty, rapid changes of the environment and a constantly rising level of unpredictability urgently require an active risk management system for every business strategy. Top executives, project managers and department leads find themselves more and more confronted with a host of improbables, which they have to consider in their decision-making processes to secure long-term success and reach their goals and aspirations.

Assessing risk management processes

How successful risk management strategies are normally does not become clear until the set goals are achieved – or, if things go wrong: are missed. However, this approach to assessing quality is problematic as it is merely reactive. Potential for improvement can only be recognised and realised when it is actually too late.
It would be better to use a different approach that assesses the quality of risk management processes in companies independently of whether goals are reached or not. Potential for improvement should be identified before risks have already become a reality. One concept which meets these requirements is the maturity model, created to assess risk management strategies in companies.

Maturity concept for risk management systems

The maturity concept includes a reference model that helps integrate risk management strategies in companies. To do so, several aspects are examined and assessed, so that they can be systematically improved. These aspects cover very different perspectives, thus preparing the way for a holistic assessment of risk management systems.

Definition of processes and roles

How are risk management processes defined, what activities do these processes consist of and what roles are defined in this context?

Tools and documentation

What tools are used for risk management purposes and how is relevenat information documented?

Application and embedding

How are risk management processes and tools applied within the company and how are risk management processes integrated into other processes?

Interfaces and processing of information

What defined interfaces concerning risk management processes exist in the company and how is relevant information processed?
Training and development of skills
What mechanisms make sure that the right people have the necessary skills required for successful risk management?

Risk culture and awareness

How strong is risk awareness in the company and how closely is it linked with the respective corporate culture?

Use of the maturiy model for a successful risk management

The maturity concept has three different functions in terms of improving risk management processes in a company. First, the reference model helps describe risk management systems in a consistent way which at the same time fits the specific requirments of the individual company. These descriptions can be used as a target definition for risk management processes.
Second, this model makes it easy to analyse how much progress has already been made in implementing risk management strategies. Thanks to the holistic approach including different viewpoints, strengths and weaknesses and the current level of implementation become clearly obvious.
Finally, the reference model used in the maturity concept is a road map for improvement risk management systems in companies, particularly when it comes to developing and prioritising measures that ensure healthy and prospering growth.