When identifying risks, the question often asked is “What keeps you up at night?”. Let me explain why this is a, well… risky question to ask.

Consider that the principle goal of risk management is to ensure that an organization performs as expected. In other words, it achieves its objectives. Therefore the risks that you identify need to be directly related to your organizations objectives. Risks not related to the achievement of corporate goals are off strategy – a distraction.

“What keeps you up at night?” is a disembodied question that will result in both relevant and irrelevant risks. Here is the question to ask…

“Considering the objective to… (describe a key objective), what events may prevent the organization from achieving this objective?”.

The result will be risk events that are well aligned with management’s goals. Feel free to present your interviewee with a list of potential risk internal and external risk categories to refer to when answering the question. For example, economic, competitive, strategic, HR, financial, technology, information, and corporate integrity are some of the major categories. There are up to 100 subcategories that fall under these major categories as well (business is complex!).

This objectives-focused question will ensure that your risk management process is strategic and focused on corporate performance.

by Richard Wilson
BPS Resolver Risk Advisory Practice Leader

TORONTO, May 17, 2010 – BPS Resolver Inc., a recognized leader in governance, risk and compliance (GRC) management announces today a strategic partnership with The Corporate L.I.F.E Centre International Inc. (CLCI) in Enterprise Risk Management and Strategic planning.

 “We are very excited to work with CLCI,” said Steve Taylor, CEO, BPS Resolver. “Teaming up with CLCI to provide Enterprise Risk Management and Strategic Planning to a wide range of companies is an exciting development for our company”.

Over the years CLCI has been highly successful in helping organizations create the strategic direction and translate the strategies into operational terms for execution. They work with the senior leadership team to clarify and validate the strategic direction, implement the appropriate Performance Measurement and Management Systems using the Balanced Scorecards to guide the execution of strategies, and ensure that the right talent is in the right place to execute successfully.                  

“After careful consideration of several GRC Software companies in this field, CLCI has chosen to partner with BPS Resolver Inc. based on their exceptional products and services in the industry, as well as their visionary ability to lead the evolution of strategic risk management solutions venture wide,” said Mansoor Osmani, President CLCI.

“This partnership between BPS Resolver Inc. and CLCI is truly a fusion of two leaders in their field providing leading edge Enterprise Risk Management and Strategic Planning solutions to their clients.” said Steve Taylor, CEO, BPS Resolver Inc.

About CLCI

CLCI’s mission is to help their clients transform their businesses into High Performance Organizations™ (HPO). CLCI is a boutique management consulting firm passionate about helping clients achieve strategic performance improvement by implementing performance measurement and management systems.

CLCI’s Integrated Performance Management™ (IPM) methodology is based on the premise that organizations can successfully reach their full potential by transforming into High Performance Organizations. The key to their success is the well-defined and proven methodology, process, tools and facilitation techniques they use.

About BPS Resolver Inc.

BPS Resolver products are acquired by companies that have material exposure to failures in legislative compliance, shareholder assurance and long term sustainability.

We make it simple for companies to effectively mobilize people to address these issues proactively and to demonstrate and document these efforts to third parties. BPS Resolver adds value by replacing informal, unreliable, expensive or inflexible systems with easy to adopt and easy to use solutions.

To achieve this, BPS Resolver brings together the best possible technology foundations with the most current industry information and best practice. Since 2002 we have invested over $20 Million in product development and continue to invest a high percentage of our revenues in maintaining and development of leading products.

For further information, please contact:
Elaine Buzma
Marketing Manager, BPS Resolver Inc.
Tel: (416) 622-2299 x 306
E-mail: elaine.buzma@bpsresolver.com

I was talking to a client recently about the bigger risks that could seriously harm their company. He cited a recent example where a newly acquired small entity almost caused the parent company to be delisted from their exchange. The acquired company refused to share some of their financial information with the parent and as a result they weren’t able to file quarterly reports until the subsidiary was sold. They came within a inch of being delisted.

Every company has hidden liabilities such as this. Some are obvious such as having too much reliance on a single customer for revenue, or too much reliance on a single supplier for goods or services. In other cases the problem is equally risky but not as obvious. An effective way to get visibility on ALL of these major risks is to combine business continuity planning (BCP) with risk management.

Risk management tries to determine the likelihood of uncertain events occurring, while BCP assumes these uncertain events occur and plans alternate routes and recoveries. During your risk identification process you will inquire about events that may prevent your company from achieving its objectives. Try reverse engineering this process to say, “assume that this objective fails – what events could cause this to happen?”. The answers you receive will include catastrophic risks that no one assumes will happen.

For example, asking about risks related to loosing a big revenue stream may result in a limited list of risks due to optimism about how the company is operating. However, assuming that the big revenue stream just disappeared, and asking for potential causes, will uncover new potential risks. The optimism that blinds you to potential risk will be replaced by creative thinking about previously unconsidered risks.

A case in point is the recent volcanic eruption in Iceland that grounded entire fleets of planes. If you asked what risks would ground an entire fleet, volcanoes may not have been identified. But assuming the entire fleet has just been grounded, and asking for potential reasons why, will prompt potentially uncreative people to think more broadly.

by Richard Wilson
BPS Resolver Risk Advisory Practice Leader
richard.wilson@bpsresolver.com

In 2010 it’s not uncommon for a Board to give their management team a mandate to implement a risk management capability.  I’m seeing it more and more.  In this situation the internal or external consulting team engaged to implement the mandate will need to approach the management team in a very specific way.

Firstly, expect that the CEO or CFO may not fully understand the benefits of risk management and may interpret this as a challenge to their corporate governance.  It is important to communicate the benefits of an ongoing risk management process upfront.  Clarifying to management that this is a value sustaining or value creation activity is critical. Here are several key benefits:

• Increase the likelihood that your organization will achieve its objectives (by integrating risk management with the strategic plan)
• Lowering business volatility by increasing visibility on events that can derail your performance
• Treating risk as “neutral” so that opportunities can also be identified and pursued
• Creating a centralized view or risks and creating efficiencies in risk identification and treatment
• Closing the gap between risk management and capital allocation
• Etc…

Secondly, position it as a process, as opposed to a project.  Processes get dedicated resources, projects don’t!

Thirdly, demonstrate how a well run risk management program creates a culture of accountability across the organization for identifying and managing risk.  This will result in higher product/service quality, fewer incidents, and better planning overall.

Finally, show your CEO how the market rewards companies with sound risk management practices.  Ratings agencies, capital markets, and creditors are all starting to differentiate risk-informed companies from the rest of the competition.

These are just some of the tangible benefits that you should communicate to your management team to ensure they are supportive of your risk management program.

by Richard Wilson

BPS Resolver Risk Advisory Practice Leader

Richard.wilson@bpsresolver.com

One of the greatest risk management challenges I have seen over the years is wording risks properly. It sounds simple enough (and it is!). So why is there such inconsistency in wording risks? The first reason is that there is no universal standard to follow. The second is that there are too many interpretations about what risk is. Finally, risk carries a negative connotation in many organizations, (sadly), so people try to describe their risks in a positive way to position them more favourably.

Well worded risks are a cornerstone to a successful risk management program. If people across your organization end up with multiple interpretations about your risks, the credibility around your risk scores will fall. Getting the wording right is pretty important.

Allow me to suggest an easy and reliable way to word your risks. To begin with, remember that a risk is an event. Secondly, it is an event that may prevent you from achieving your objectives. Therefore, the simplest way to word your risk is” X may happen”. For example, “Sr. executives may leave the company”, or “Production at the plant may fall by 20%”, or “Interest rates may rise above 5%”. All of these risks are clear, and since they are worded in the future, should not be threatening to newly emerging risk management cultures.

Follow each risk with “context bullet-points”. These are the data points about the risk that people should consider. For example:

Production at the plant may fall by 20%

• our packaging supplier is in financial trouble
• our competitors are trying to hire away plant staff
• our plant wages are not competitive
• unpredictable weather patterns in that region are expected
• etc…

Here is a test to see if your current set of risks need rewording:

• Do any of your risks begin with “A lack of…”, or “The inability to…”? (If so, they are describing situations within which a risk may occur and not the event itself.)
• Do any of your risks contain the words “and”, or “or”? (If so, you have combined two events which will be difficult to score.)
• Are your risks worded as objectives in the positive? For example, “Retain our senior executives”. It’s a great objective but doesn’t describe the effect of uncertainty on objectives.
• Is the risk tied to one or more objectives so that it is clear where the challenge to the organization lies?
• Do your risks have contextual data points attached to them?

Following this approach will clarify your risks and heighten the likelihood of a common interpretation. It’s really that simple!

by Richard Wilson

BPS Resolver Risk Advisory Practice Leader

Richard.wilson@bpsresolver.com

Toronto – May 1, 2010 – BPS Resolver Inc., a recognized leader in Governance, Risk and Compliance (GRC) Management, announced today the release of BPS Resolver GRC Suite 6.2. BPS Resolver GRC Suite leverages the best of the Resolver and BPS Suites to provide their clients with a simple effective application for Risk, Compliance, and Audit. BPS Resolver GRC Suite 6.2 will officially be released to the public May 15, 2010.

BPS Resolver GRC Suite 6.2 represents the first phase of the integration of the BPS and Resolver platforms, allowing customers to begin to leverage the strengths of each in a seamless environment.

BPS Resolver GRC Suite will tailor to all of your organizations current needs. Organizations that are embracing the idea of GRC, often use components of the suite to tackle immediate concerns, knowing that the capabilities exist to grow with the organization.

Many of BPS Resolver’s clients start with just one pressing demand like Vendor Risk Management, Sustainability, IT Governance, or NERC, then transition into ERM, Audit, or Compliance to leverage the natural overlaps.

“With the release of BPS Resolver GRC Suite, BPS Resolver is leading companies into the future of GRC across the organization. BPS Resolver GRC Suite enables all business units to successfully manage risk and controls increasing a company’s productivity and ability to embrace risks while recognizing key opportunities. BPS Resolver GRC Suite truly is where risk meets reward.” — Steve Taylor, CEO of BPS Resolver Inc. 

BPS Resolver is also entering into new and exciting markets, like Medicare Payment Criteria via the CMS PI Warehouse, an exciting new program that helps hospitals avoid costly RAC appeals.

About BPS Resolver Inc.

BPS Resolver products are purchased by companies that have material exposure to failures in legislative compliance, shareholder assurance and long term sustainability.

We make it simple for companies to effectively mobilize people to address these issues proactively and to demonstrate and document these efforts to third parties. BPS Resolver adds value by replacing informal, unreliable, expensive or inflexible systems with easy to adopt and easy to use solutions.

We proudly support over 300 top brand companies in over 100 countries. Our approach has generated thousands of happy users where we are the governance, risk and compliance system of record. BPS Resolver is the result of a merger between BPS Inc. and Resolver Inc. Both organizations had been working together since 2006. The merger brought together under one roof one of the best teams in the GRC industry as well as complementary products and services.

For further information, please contact:
Elaine Buzma
Marketing Manager, BPS Resolver Inc.
Tel: (416) 622-2299 x 306
E-mail: elaine.buzma@bpsresolver.com