4 Questions Every Retailer Should Be Asking About Risk

The risk landscape for retail businesses grows more complex every year. Increasingly, severe weather and natural disasters combined with IT failures, supply chain disruptions and cyber attacks create a volatile and unpredictable mix of threats. The consequences can derail e-commerce, decrease customer satisfaction, negatively impact revenue and even put the safety of both customers and employees in jeopardy.

But it’s not all bad news. Retail is an ever-growing industry, particularly in the digital sector, where sales from online shopping exceeded $4.2 trillion worldwide in 2021. Given this growth, the opportunities for expansion are undeniable. But a lack of attention to risk management can quickly thwart even the most ambitious retailer’s goals.

So how do you offset the bad while taking advantage of the good? Fast, accurate information is essential to effectively navigate today’s risk landscape and strengthen organizational resilience. Vast quantities of data are available, but research and experience have shown time and again that precise filtering is impossible using only traditional methods. Fortunately, that research has also provided valuable insights into better, more modern, alternatives.

Research Reveals Retailers Are at Risk

Across major industries and multiple countries, organizations struggle to manage risks and are largely unprepared for critical events that are increasing in both scope and intensity, according to a commissioned study conducted by Forrester Consulting on behalf of OnSolve, Failing To Plan Is Planning To Fail.

Retailers agreed that risk management is likely to be more complex two years from now than it is today. That’s no surprise given the wide range of incidents impacting retail organizations during the past 12 to 18 months:

  • Physical Security Breach: 38%
  • Environmental/Natural Disaster: 28%
  • Cyber Attack: 28%
  • IT Failure: 22%
  • Intellectual or Physical Property Theft: 20%
  • Active Shooter: 18%
  • Pandemic: 18%
  • Weather-related: 16%
  • Civil Unrest 12%

A broad and complex risk landscape calls for a new approach to risk management. However, only 14 percent of retailers described their organization’s current risk management strategy as optimized in the Forrester study. Additionally, less than half (48 percent) rated their incident response as effective or optimized across all risk vectors.

What’s even more unsettling is the majority aren’t making plans to improve in the future. Only 24 percent expect their risk management strategy to be optimized 18 months from now. With threats coming from so many areas and often without warning, retailers can no longer afford to put risk management on the back shelf.

Instead, retailers need to invest in a modern and comprehensive critical event management (CEM) strategy. When done right, the returns are significant. In fact, organizations with advanced CEM capabilities are 6.5 times more likely to have an optimized response to incidents affecting operations, as compared to those with lower-performing CEM strategies, according to the Forrester study. Clearly, it’s time for retailers to make the move toward better CEM.

Take Stock of Retail Risk: 4 Key Questions

Improving your critical event management strategy starts with reevaluating the organizational priority and taking stock of current practices and processes when it comes to risk management. When evaluating your organization’s level of risk preparedness, use these four questions as a starting point. Compare your responses to the results uncovered by the Forrester study to determine where you need to make changes.

1.  Are you able to quickly identify and respond to an incident that can damage your reputation?

This includes both a plan of action and the technology to carry it out. For example, retailers need a messaging plan to handle media relations during and after a critical event and a way to communicate with customers and suppliers. Messages should only be delivered to impacted individuals and in their preferred channel.

The current state among retail organizations: Only 16 percent are optimized to handle reputational risk, while 34 percent rate themselves as effective. Almost one in four (22 percent) said they are challenged or developing.

2.  Are you able to effectively manage the customer experience throughout a critical event in real time?

Whether a severe storm has interrupted a shipment or a cyber attack has knocked down part of your network, your customers expect a positive experience. There may be times when you can’t deliver on time or there may be technical difficulties. In these instances, you need to keep customers updated on the situation so they know exactly what to expect. Even if it’s not the update they want to hear, radio silence is one of the biggest killers of customer loyalty.

The current state among retail organizations: Only 16 percent are optimized for risk that impacts the customer experience. Thirty-two percent say they are effective, while 26 percent are either challenged or developing.

3. Are you able to rapidly identify critical events that will disrupt your supply chain and react quickly to overcome them?

As supply chain issues become more common, quick identification of issues that can impact your business are critical. Retailers don’t need to know about every supply chain issue, however – only the ones that may impact your supply. When a disruption does occur, real-time communications with suppliers and carriers is the only way you can shift capacity and designate alternate ports.

The current state among retail organizations: Only 16 percent are optimized for supply chain risk, and only 18 percent are effective. Nearly one-quarter (24 percent) report their organization is challenged or developing.  

4. Are you able to continuously monitor and manage the risk and performance of your suppliers?

Your customers don’t care if a mistake is your fault or your suppliers. In their eyes, every mistake is yours. Retailers must remain in constant communication with all suppliers to ensure goods and services are flowing and identify potential issues before they impact the customer.

The current state among retail organizations: Twenty-four percent said their supplier risk and performance management was not effective today at delivering value to the organization.

Ensure Effective CEM with an Integrated Approach

If your retail organization falls in the challenged or developing group in any of these key areas, it’s time to reassess your critical event management strategy and take a proactive approach to risk.

To be effective, critical event management must be incorporated throughout every aspect of your operations. The benefit of this approach is reflected in the research – 80 percent of respondents to the Forrester study said integration is important, very important or mission critical to the effectiveness of their CEM capabilities. Despite this seemingly common belief, only 18 percent of this same group reported their risk management solutions to be fully integrated.

What does this tell us? While many are talking the talk, they’re not walking the walk. Retailers need to ensure they can effectively mitigate risk of all kinds in order to maximize their position in today’s competitive market and strengthen the resilience of their organization.

When done right, comprehensive and integrated CEM gives you the capability to safely do so, through better situational awareness, more effective response to incidents, greater alignment of technologies and, ultimately, better incident mitigation and customer outcomes.

Resilient organizations are ultimately distinguished by their ability to remain agile in the face of a crisis, while simultaneously resuming peak performance with minimal disruption.

Failing To Plan Is Planning To Fail: Take A Proactive Approach To Critical Event Management To Improve Risk Preparedness

Download the full commissioned study conducted by Forrester Consulting on behalf of OnSolve, and gain more insights into the "why" behind effective strategies retailers can leverage to mitigate risk.

OnSolve

OnSolve is a leading critical event management provider that proactively mitigates physical threats, allowing organizations to remain agile when a crisis strikes. Using the most trusted expertise and reliable AI-powered risk intelligence, critical communications and incident management technology, the OnSolve Platform enables enterprises, SMB organizations and all levels of government to detect, anticipate and mitigate physical threats that impact their people, places and property. With billions of alerts sent annually and proven support for both the public and private sectors, OnSolve is used by thousands of entities to save lives, protect communities, safeguard critical infrastructure and enable agility for the organizations that power our economy.