News and Info

Risk Management Leader

Why is Risk Management Important?

For large companies, having a comprehensive risk management plan is critical. Shawn O’Rourke, President of Pro-Concepts and Lea Anne Nelson, a Risk Management Consultant and Trainer, discuss the importance of implementing a risk management system.

Why is risk management necessary?

Shawn: Why do you think people need Risk management?

Lea Anne: First of all [companies] want to earn a profit. Companies are in business to earn profits. Not necessarily to satisfy customers. You can make software or whatever it might be. They’re in business to make a profit. One of the best ways to make sure you’re on track to meet those goals is to have a risk management program in place.

Shawn: The other thing with risk management is that you’re trying to, back to your point of profitability, you want to be able to be proactively looking at your organization across all the functions of the organization for any of those functions that make an impact to your ability to meet your corporate goals and objectives. The next thing is being proactive

It is a lot cheaper when an issue happens and preventing an issue from happening than being reactive and it’s costing you more resources, more time, more money and maybe your reputation as a company.

You go back and look at some of the things that happened recently with Boeing and hiding a defect and then having that impact their reputation for a while. You look at the security firms who supposedly have protected our personal information and they have breaches like Equifax. Those are all risks they were facing but they weren’t managing them.

Risks management prevents you from having a major event happening. Those events are going to happen if you don’t do risk management. It’s either pay me now or pay me later. You either do risk management now then pay me later.

Executives don’t like surprises

Lea Anne: In all the years that I’ve done training and coaching of project managers and program managers, what I would always tell them is

“Surprises are great for wedding proposals, marriage proposals and surprises are great for birthdays. But executives don’t like surprises.”

And risk management is really the way you keep them informed of what’s happening really throughout the organization.  — all levels. But it’s been my experience, executives — they don’t love surprises. And so, with a great risk management methodology in place that everybody follows, then you can eliminate surprises. Because you’re right, things are going to come up and you want to be prepared and be intentional about how you handle it.

  • OMB A-123
  • NIST 800-53
  • ISO 31000
  • ISO 9001-2015
  • COSO
  • CMMI