Enterprise risk is, unfortunately, both external and internal. Many company leaders throw a substantial amount of operating costs at risk control or security management, but do not inform employees of the measures that are to be taken. Risk control and security management are a necessity and an asset if employed effectively; if not employed effectively, they become an inactive expenditure.
Employees come with a lot of costs, of course, but engaging them in discussions and decisions on new measures being implemented raises each individual’s compliance with those measures. It also makes them more aware of other employees’ behaviours that are detrimental to the company and that you might not even know about. In other words, you are optimising your enterprise risk management strategy (“ERMS”) through employee engagement.
The leaders of the company, together with the risk manager (if one is employed), need to sit down and set out all of the targets (short term and long term), assess, create and implement the controls needed, and think about what would happen if an employee were to go against these controls and how you could prevent that. Once that is all in place, you need to explain it all, in detail, to employees. Going sector by sector through the company is best, as you can explain the impact each department, and thus each individual, has on the company. This tends to make employees feel more needed and important, which increases compliance, as they now have a ‘duty to save the company’ on a daily basis, not just in their work but in whatever they do in the workplace. This strategy needs to be employed across operational, strategic and financial risks.
Our Integrated Management System (MSX) merges all organizational systems and processes into one common cohesive framework that drives business excellence and ensures continual improvement. MSX enables business leadership to view management performance across business activities and assists leaders in making informed, actionable decisions.
Employee engagement has an impact on both top-line revenue and bottom-line shrinkage, incidents, accidents and profitability. Internally, there is the possibility of data breaches, employees’ personal social media, inappropriate emails being sent from a company email address, and other factors that lead to the tainting or ruining of organisational reputation.
Where do you begin?
The way you analyse data needs to change from “enterprise risk management” tracking to employee engagement tracking in compliance with your ERMS. When you look at data over an extended period of time, such as bi-annually or annually, it becomes very overwhelming. The best way to do it is monthly or every two months. The employee feedback loop must run at the speed of your business, so judge the frequency accordingly.
In each month, you should set out certain checks that need to be done, assess what the possible outcomes are (both negative and positive) and decide how you will handle those situations. For example, ask employees about the leadership in the business, the alignment between their objectives and the company’s objectives, and how you can improve on this, perhaps through monthly or quarterly health-checks.
This blog is part of a three-part series. The following two blogs cover a Four Pillar Model, which encompasses: alignment, motivation, resources and capability.
#2 CEOs: Alignment, Motivation & Resources – Employee Engagement in Enterprise Risk Management Strategy
#3 CEOs: Capability and Risk Team & HR Integration – Employee Engagement in Enterprise Risk Management Strategy
XGRC stands for Governance, Risk Management and Compliance.
XGRC’s Governance Solutions provide leadership and an integrated framework for effective planning and implementation of best business practices across all departments.
XGRC’s Risk Management Solutions enable management to make informed decisions to minimise business, environmental, health and safety risks in the organisation.
XGRC’s Compliance Solutions assist organisations in driving better compliance in line with recognised international standards such as ISO 9001, ISO 27001, ISO 14001 and more.
XGRC’s Sustainability Solutions help organisations deliver a robust and proactive approach to corporate sustainability with effective monitoring of the latest legislation and regulations.