To reinvent a company means to take opportunities. Each company regularly has to face the challenge to take decisions about the future business areas, business models and business processes. To what degree changes take place depends on the single company. Some bigger companies in Germany are currently working on bigger changes to be able to meet the requirements of the markets in a better way. Not only in the history of bigger companies but also in smaller companies and especially in the so called German Mittelstand there have been always changes and developments regarding the business activities. And that is exactly the way how future-oriented and successful companies act: they take opportunities. Each opportunity is accompanied by threats or risks. Especially in times of bigger changes, regarding the business activities and the structure of a company, potential threats and risks have to be checked carefully.
Since decades not only in Germany and Europe but worldwide there are legislations requiring from companies to take care for potential risks and to take appropriate measures. But in each culture the way how to deal with risks is different. About the Germans it is often said that there is more the thinking to avoid failure than to take risks. In other cultures it is said that failing is no problem, expecting the person that failed, to stand up and try it again. Regarding product liability the situation seems to be different. In some parts of the world compensations for damages in context with product liability or any other incident are many times higher than in Germany. Another aspect is data security. Collecting data and information to help to avoid damages, makes sense. To collect and exchange data in a supply chain to improve planning and optimize processes for each participant in this supply chain is a successful development. Collecting data and information by all means and the misuse of data and information to damage competitors and to gain positions and business is not acceptable at all. Not only based on legal requirements but also in their own interest, today all bigger companies have a complex and in most cases centrally controlled risk management system that is integrated in the business processes. Depending on parameters, e.g. the size, the legal form, the business sector of a company there are international and national regulations also including requirements with regard to controlling bodies, e.g. the supervisory board in Germany. Amongst others this board has the task to take decisions, e.g. to appoint the management board, to control the company in consultation with external auditors and the internal audit and to make sure and to monitor that the management board has implemented a risk management system. Normally on company level there is a risk management officer and each decentralized location has employees that are responsible to ensure that the risk strategy, defined by the management board, is implemented. The decision makers of all levels and locations of a company regularly have to make a risk assessment and to give a report about risks and the appropriate measures that are taken.
On top level of a company different types of risks are differentiated, e.g. market risks, strategic and operational risks, external risks, compliance risks, risks that might occur in context with IT, staff or business partners. In a top-down/bottom-up process also each department, e.g. procurement, production area, sales department, logistics has to assess and report on risks and especially on the appropriate measures. The risk management process consists of several steps (s. figure). Based on a defined risk strategy the risk identification, risk analysis, risk evaluation, steering and monitoring as well as risk reporting, documentation and training have to take place in a continuous loop.
In this way the identification and verification of potential risks and especially the definition of appropriate measures are possible at an early stage. The prioritization of risks and the risk evaluation differ between the sectors and depend on the business activities of a company. While the automotive sector e.g. has especially the focus on high quality, other sectors focus on compliance risks and risks connected with the project management. In times of reinventing a company the prioritization of the risks will change and new risks might occur. Risks of business activities that are no longer part of the company will disappear or in case of a spin-off of business activities the appropriate risks will be treated in a much more focused way in the separated company.
Digitalization is one topic that changes the risk portfolio. More efficient processes, information transparency, improved and easier communication and cooperation between the market participants, a higher quality of data and therefore a better basis for planning activities result in improvements regarding the time, cost and quality targets as well as flexibility and sustainability aspects. But to gain these positive effects, potential risks have to be faced and appropriate measures have to be taken. As an example, there might be a “staff risk” for example in case the required competences are not available within the company. Appropriate measures might be to develop required competences or to agree cooperation with external companies and start-ups. Required technology has to be available to be able to use the new possibilities and to realize ideas like the autonomous driving. The security of data and know-how are further important topics.
In summary it can be stated that the risk management plays an important role and accompanies taking opportunities in a successful way. And listening to top managers, risks are always mentioned together with other important topics such as trust, innovation and changes. The only thing is to find the right balance between opportunities and risks in a responsible way, to define the risk strategy depending on the business activities of a company, the business area and business model and to create the risk portfolio to ensure the competitiveness and a successful future for the company. Today there are tremendous opportunities. Let us realize fantastic ideas together!
What are your experiences regarding these topics? Are you currently working on these topics ? Do you need any support to improve your processes or do you want to discuss any of the issues raised in greater detail? Please send an email toThis email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it. .