Reflecting on Risk: It’s About the Basics

Doing business always includes an element of risk, so it goes without saying that your organization has contemplated the consequences of various types of crises. In fact, given both the pandemic and the increase in frequency and severity of extreme weather these past several years, you’ve probably already dealt with a few.

Here’s the key question: Were you satisfied with your outcomes?

If your organization is like most, there’s a good chance there’s room for improvement in your risk management practices. So where do you start?

Authentic Evaluation of Risk Preparedness

Successfully incorporating risk management throughout your business operations necessitates taking a step back and looking at the big picture. What are your overall organizational goals? Are your managers set up for maximum productivity? Or are they mainly engaged in putting out daily fires? Without the right infrastructure and support, the best staff in the world will not be successful. Oftentimes, unwillingness to face these uncomfortable truths can keep executives from making a needed change.

Once you’ve identified the need for change, enacting it has to start at the top. Positive actions have the same trickle-down effect as negative actions or inaction. Meeting with all of your leaders to get everyone on the same page is a vital first step. Too often, risk management is regarded as an isolated, tick-the-box process that has little functional relationship with the realities of day-to-day operations. This notion has to be dispelled. Leaders at every level must embrace actively considering and reflecting on risk.

Remember – it’s not a matter of fear-mongering, but of taking a common sense, no-nonsense approach to setting your staff up for success. This simple process is universally applicable:

The Three-Step Risk Reflection Process

  • Identify and communicate big picture goals to everyone in the organization, starting with leaders.
  • Determine the most likely potential barriers and obstacles to achieving those goals.
  • Create a detailed plan to overcome existing and potential obstacles, that can be used both in the immediacy of a crisis, and on an ongoing basis for the prevention of future calamities.

Although these steps sound obvious, most of us have worked for at least one organization where this fundamental process was never utilized. Let’s look at some supporting data.

Uncomfortable Facts about Risk Readiness

Almost all (99 percent) of risk management and security professionals experienced at least one critical event in the past 18 months and 12 percent suffered at least four distinct types of disruption, according to findings from a commissioned study by Forrester Consulting on behalf of OnSolve.

With this in mind, more than a quarter of respondents expected suboptimal critical event management (CEM) to have a negative impact on revenue and operations. Yet despite this knowledge, many organizations still hesitate to take action to prepare for crises in advance. This is evidenced by the fact that only 38 percent of the respondents agreed that “becoming more proactive” in CEM is a key goal.

This marked disconnect indicates a pervasive lack of a realistic view of risk. Organizational leaders often focus on the short-term difficulties associated with an emergency, such as reaching staff and filling shifts, supply chain delays and on-site disruptions. But what of the long-term consequences? When customers have a bad experience, brand loyalty diminishes, revenue goes down, profit margins shrink, funding dries up and ultimately your business faces closure.

While this may sound alarmist, the trickle-down effect of inadequate preparation is a reality no business can afford to ignore. Today’s saturated and hyper-competitive market offers a plethora of options to consumers and end-users. If their experience with your brand is not top-notch, they’ll most likely go elsewhere.

Making a Proactive Change

Following the simple steps articulated above can make a big difference, both in the way your operations run and the quality of service and customer interaction you deliver. The fact is, sometimes you have to get back to basics. Not only do those three steps help identify and mitigate risk, they put you in a better position to achieve the goals you’ve spent time developing and articulating to your people. Most importantly, this fundamental process can be applied to any goal, in any industry. For example:

  • Overarching ambitions: “Be the number one local property management firm.”
  • Short-term targets: “Achieve over $100,000 in pledges at the fundraising event.”
  • Annual objectives: “Improve business continuity during the upcoming blizzard season.”

As you work through this three-step reflection, keep in mind that you need to be prepared for a multitude of types of risk. It’s not enough to simply look at weather-related closures or ongoing pandemic complications. Cultivating organizational resilience means examining the confluence of different events and creating multiple backup plans. This requires staying in touch with industry predictions. What’s trending in your field? What’s changing? Where are the new threats? If you can’t answer these questions, you’re not considering the full scope of risk.

For example, an incident of workplace violence, flooding, a shortage at an overseas manufacturing plant and a spike in local traffic due to a political rally can all occur at the same time. That’s just a typical day-in-the-life of doing business in our modern world. At such times, the ability to pivot is what makes the difference between a lasting organization and one that throws in the towel.


OnSolve® proactively mitigates physical threats, allowing organizations to remain agile when a crisis strikes. Using trusted expertise and reliable AI-powered risk intelligence, critical communications and incident management technology, the OnSolve Platform allows organizations to detect, anticipate and mitigate physical threats that impact their people and operations.