Risk culture 
292
TAbLE 
24.2
Implementation barriers and actions
barrier
action
Lack of understanding of risk
management and belief that it will
suppress entrepreneurship
Establish a shared understanding, 
common expectations and a consistent 
language of risk in the organization
Lack of support and commitment
from senior management
Identify a sponsor on the main board of 
the organization and confirm shared and 
common priorities
Seen as just another initiative,
so relevance and importance
not accepted
Agree a strategy that sets out the 
anticipated outcomes and confirms
the benchmarks for anticipated benefits
Benefits not perceived as being
significant
Complete a realistic analysis of what can 
be achieved and the impact on the mission 
of the organization
Not seen as a core part of business 
activity and too time-consuming
Align effort with core processes and 
achievement of the mission of
the organization
Approach too complicated and
over-analytical (risk overkill)
Establish appropriate level of sophistication 
for risk management framework and 
undertaking risk assessments
Responsibilities unclear and need for
external consultants unclear
Establish agreed risk architecture with 
clear roles and accepted risk 
responsibilities
Risks separated from where they
arose and should be managed
Include risk management in job descriptions 
to ensure that risks are managed within 
the context that gave rise to them
Risk management seen as a static
activity not appropriate for a dynamic
organization
Align risk management effort with the 
mission of the organization and with
the business decision-making activities
Risk management too expansive and 
seeking to take over all aspects of
the company
Be realistic: do not claim that all the 
business activities within the organization 
are risk management by another name

Download 3.45 Mb.

Do'stlaringiz bilan baham: