SlideShare uma empresa Scribd logo

IRGC Guidelines for Emerging Risk Governance

I
irgc_risk

This peer-reviewed report proposes a set of guidelines to help organisations deal proactively with emerging issues.

Governo e ONGs
1 de 25
Baixar para ler offline
EPFL Center + Foundation GOVERNANCE OF EMERGING RISKS Guidelines for the governance of unfamiliar risks March 2017 No part of this document may be quoted or reproduced without prior written approval from IRGC This presentation deck accompanies the main IRGC report and an appendix, available online: https://www.irgc.org/risk-governance/emerging-risk/a-protocol-for-dealing-with-emerging-risks/
EPFL Center + Foundation Introduction • A risk is an uncertain (mostly negative) consequence of an event or an activity with regards to something that humans value. Emerging risks are ‘new or familiar risks that become apparent in new or unfamiliar conditions’ • Emerging risks should be distinguished from familiar risks: o Familiar risks are well understood by risk managers who know how to manage them o Emerging risks on the other hand are primarily characterised by uncertainty • Knowledge becomes the key concept for emerging risks • The concept of emerging risk is relative, not absolute • In emerging risk management, what matters most to an organisation is its potential exposure 2
EPFL Center + Foundation Characteristics of emerging risks • IRGC suggests three categories of emerging risks: Risks with uncertain impacts Risks in complex, interconnected systems Risks resulting from changes in context High uncertainty and a lack of knowledge about potential impacts and consequences (interactions with risk-absorbing systems). e.g., applications of synthetic biology Increasing complexity, emerging interactions and systemic dependencies have the potential to lead to non-linear impacts and surprises. e.g., systemic risks in energy or ICT systems Changes in context (social, regulatory, natural etc.) may alter the nature, probability and magnitude of expected impacts of previously known risks. e.g., antimicrobial resistance 3
EPFL Center + Foundation Defining an appropriate process for emerging risk governance • The guidelines proposed by IRGC provide an overarching framework to support senior managers address emerging risks. • They help to organise how information and evidence are collected, analysed and combined to design strategies for emerging risk governance. • In particular, the IRGC guidelines: o Provide guidance to organisations in anticipating and responding to emerging risks o Provide transparent and enforceable criteria for the evaluation of the effectiveness of the emerging risk governance process o Embed the emerging risk management process as a routine within the organisation, drawing from existing processes 4
EPFL Center + Foundation Emerging Risk Governance Guidelines 5
EPFL Center + Foundation Step 1: Make sense of the present & explore the future 7 Provide early warning Identify: • Potential threats or opportunities to relevant assets and processes • Contributing factors that create fertile ground for risks and opportunities to develop (emerge, amplify or attenuate) Make sense of signals that might shape the future Detect and explore current and possible future evolutions that may change the organisation’s environment Analyse these changes according to their potential to represent a threat and/or an opportunity Filter and prioritise the detected threats and opportunities that require further attention in Step 2 Regularly update the selection of risks and opportunities as new information becomes available Required actions List of threats and opportunities that require further analysis and exploration Description of the context in which these develop Identification of the necessary or sufficient conditions for the risk or opportunity to materialise List of threats and opportunities that are irrelevant to the organisation's objectives given available information Expected outcomes Key objective
EPFL Center + Foundation Step 1: Make sense of the present & explore the future 8 Emerging risk conductor Defines approaches and facilitates continuous interactions among experts and between experts and decision-makers Experts and analysts Detect signals, perform analyses and suggest necessary characterisation Senior decision-makers Validate Step 1 outputs and decide which issues will be further investigated and what resources will be allocated to the process Key participants & responsibilities • Diversity of information • Scientific soundness of data collection, analysis and prioritisation • Data reliability and consistency • Compatibility with existing and past or familiar threats Key success factors
EPFL Center + Foundation Contributing factors to risk emergence 9 The human factor: Behavioural and cultural advancement The overall context: System complexity The decision- maker 4. Varying susceptibility to risk 3. Positive feedback 2. Loss of safety margins 1. Scientific unknowns 7. Technological advances 6. Social dynamics 5. Conflicts of interests, values and science 12. Malicious attacks 11. Perverse incentives 10. Information asymmetries 9. Communication 8. Temporal complications Source: IRGC (2010). The Emergence of Risks: Contributing Factors. Geneva: International Risk Governance Council. Report available online: https://www.irgc.org/risk- governance/emerging-risk/irgc- concept-of-contributing-factors-to- risk-emergence/
EPFL Center + Foundation Anticipating vs. exploring uncertain futures 10 Level 1 Level 2 Level 3 Level 4 Deep Uncertainty Context A clear enough future Alternate futures (with probabilities A multiplicity of plausible future Unknown futures Familiar risks Emerging risks Source: Walker, W. E., Marchau, V. A. W. J. & Swanson, D. (2010). Addressing Deep Uncertainty Using Adaptive Policies: Introduction to Section 2. Technological Forecasting & Social Change, 77(6), 917–923.
EPFL Center + Foundation Framing discussions of risk and innovation • Innovation creates change • This always carries risk, with the potential for harm as well as benefit • It is difficult to ‘predict’ the future • Complexity, uncertainty and ambiguity (different interpretations, or even controversy) • Often technological innovations and related risks develop in complex systems  Interdependent cascading failures may happen in a network of interconnected system components, where a small localised initial failure (which could result from an emerging risk) may trigger large perturbations elsewhere 11
EPFL Center + Foundation Step 2: Develop scenarios based on narratives & models 12 Develop scenarios of how an emerging risk or opportunity could impact an organisation and its objectives. This: • Offers the possibility for collaborative framing of existing and future threats/opportunities • Provides evidence and support for future decisions concerning the identified threats/opportunities • Updates the scenarios as new information and knowledge become available Develop or use various types of scenarios to explore and evaluate the emerging risk that could affect the organisation in the future Begin to identify possible bifurcations and intervention points, to prepare the development of management options Update the scenarios as necessary, taking into account the emergence of new signals and the outcome of strategic interactions with stakeholders Required actions Set of explorative scenarios. The scenarios describe how the threats and opportunities identified in Step 1 may have an impact on the organisation. Particular attention must be given to: • The contributing factors (amplifying or attenuating) • Events or tipping points that may accelerate, reduce or generally affect the factors • The consequences of each scenario for the organisation Familiarity with concepts Expected outcomes Key objective
EPFL Center + Foundation Step 2: Develop scenarios based on models & narratives 13 Experts in futures studies scientific & scenario- building techniques Facilitate interactions between contributors and ensure the validity of the scenario development exercise Emerging risk conductor Ensures the coherence of the exercise with the threats and opportunities de ned in Step 1 and the organisation’s expectations Decision-makers Confirm their commitment, in particular by allocating resources, providing reward and assigning responsibilities Key participants & responsibilities • Relevance to concerns and needs of decision-makers • Credibility, to assess the scientific soundness of the models and data used as well as the transparency of the choices • Comprehensibility and traceability, to describe the clarity of the sequence of events and the ability of final users to easily understand and follow the underlying rationality • Legitimacy, through openness of the process to various stakeholders, promoting different values and political orientations • Creativity, to stimulate new ways of thinking and dealing with the “unusual” • Distinctness, to assess the ability of the scenarios to jointly convey to decision-makers the diversity of possible futures Key success factors
EPFL Center + Foundation Step 3: Generate risk management options & formulate strategy 14 Design strategies for the management of emerging risks that are proactive, effective, cost- efficient and adaptive in order to deal adequately with the risks and opportunities explored in Step 2 Identify and evaluate possible emerging risk management options. No option should be excluded Define intervention points and indicators. Consider the organisation’s decision-making style, resources and risk appetite Identify thresholds of irreversibility and thresholds of acceptability Communicate this process and the decision that has been made in a transparent manner Include uncertainty: Being aware of what is unknown Required actions Management strategies for each scenario: Provide a strategy for each of the scenarios developed in Step 2. The description of the strategy, its expected performance and the key trade-offs adopted by decision-makers must be made explicit A final decision as to which emerging risk management option(s) will be implemented Expected outcomes Key objective
EPFL Center + Foundation Step 3: Generate risk management options & formulate strategy 15 Decision-makers at the strategic level Select options and demonstrate leadership, especially when it comes to challenging comfortable or routine practices not suited to changing environments Emerging risk conductor Facilitates the decision-making process and ensures that decisions are made Key participants & responsibilities • Flexibility for adaptation and adjustment to new evidence when it becomes available • Consistency with organisational values and culture as well as with procedures • Internal openness and transparency of the process • Clear prioritisation of actions, taking expected impacts and available resources into account • Revision of the strategy if context and conditions change Key success factors
EPFL Center + Foundation Step 3: What to do and how 16 Generating the strategy options for implementation • What strategy and options could respond to the emerging risk? • When could these options be implemented? What would be the intervention timing? Evaluating the strategic options • What criteria will be used to assess and evaluate the options to provide the best response to the variety of possible futures? • How will the performance of the management options be evaluated? Making robust decisions • What decision-making approach will be chosen? How? • What option or combination of options will be decided? • What is the timing for implementation?
EPFL Center + Foundation Step 3: Generate strategy and options for implementation 17 Some of the factors that contribute to risk emergence are controllable. In those cases, an organisation can act to prevent a risk from emerging (or amplifying) or can reduce its consequences if it materialises. 1 Act on contributing factors to risk emergence Trying to avoid the risk can represent a valuable management option in cases where the risk evaluation results in reasoned assumptions of unacceptable consequences. Precautionary approaches should be chosen on a case-by-case basis, in relation to a desired level of protection against identified potential risks. 2 Develop precautionary approaches A reduction in exposure or vulnerability can be a strategic option if an intervention is considered too costly, inappropriate, or impossible For emerging but well identified risks: reduce sensitivity to the risk by developing redundancies, improving personnel training or readjusting protection capabilities. In the case of unexpected events: build resilience 3 Reduce vulnerability 1 Act on contributing factors to risk emergence 2 Develop precautionary approaches 3 Reduce vulnerability 4 Modify risk appetite in line with risk 5 Use risk governance instruments for familiar risks 6 Do nothing Dealing with emerging risks requires that organisations constantly align their risk appetite to changes in their environment, the availability of new knowledge, and their resources and capabilities to tolerate or cope with potential risk losses. 4 Modify risk appetite in line with risk
EPFL Center + Foundation Step 4: Implement the strategy 18 Implement strategy options decided in Step 3 Creating supportive conditions for the organisational, technical and cultural shifts that may be required for the effective deployment of risk management options Put in place the internal and external communication capacities required for a common understanding of the objectives and the rationale behind them Allocate resources to match operational capabilities with strategic orientations Clearly define roles, responsibilities and incentives according to the strategic options adopted Support strategy implementation by ensuring adequate authority and leadership in all phases and enabling the creation of appropriate risk cultures Required actions • Translation of the strategic objectives into individual and collective objectives at the various levels of the organisation • Implementation of the decisions made in Step 3 Expected outcomes Key objective
EPFL Center + Foundation Step 4: Implement the strategy 19 Strategic decision-makers (e.g. chief risk officer) Endorse the responsibility of implementing the strategy; appoint a dedicated team Risk owner (if any) Effectively manages the risk and opportunity for which he/she is responsible, and is rewarded accordingly Other relevant stakeholders Translate the strategic decisions into concrete actions Emerging risk conductor Provides complementary knowledge or expertise regarding the risks and opportunities considered Key participants & responsibilities • Transparency through effective and continuous communication about the strategic objectives and decisions at all levels of the organisation • Including relevant stakeholders for the evaluation of the strategy relevance and effectiveness, and timely reaction to resolve conflicts and trade-offs • Continuous monitoring through the early detection of difficulties and conflicts (with bottom- up reporting) • Continuous interactions with the emerging risk conductor to re-evaluate the relevance of the strategy in light of new signals and knowledge, if necessary Key success factors
EPFL Center + Foundation Step 5: Review risk development and decisions 20 Monitor how emerging risks and opportunities unfold Review the relevance and performance of the decisions made and, if needed, Update the strategy Deploy monitoring capabilities for the decision options described in Step 3 Create the interaction space required for the conductor and other users of the guidelines to exchange and communicate Establish bridges with risk management standards or professional organisations, which may help confer legitimacy to the process Required actions • Risks and opportunities can be decommissioned, or become accepted or sufficiently well known for familiar risk management measures to be employed • Risks and opportunities outside of these options must remain the subject of careful and continuous monitoring, analysis and revision Expected outcomesKey objective
EPFL Center + Foundation Step 5: Review risk development and decisions 21 Senior managers Review decisions about the organisation’s emerging risk management, i.e. the design and implementation of internal structures and processes Business managers Deploy the adopted risk management strategies Emerging risk conductor Creates interaction space for reflection and confidence Key participants & responsibilities • Involvement of all internal stakeholders • Open and transparent discussions • Regular updates of strategic decisions based on new information Key success factors
EPFL Center + Foundation The emerging risk conductor • Emerging risk governance requires leadership, it requires a ‘risk conductor’ to ensure the effective implementation of the guidelines • Specifically, the risk conductor must have the mission and resources to lead the process and to: o Facilitate interactions among participants o Validate technical frameworks and approaches adopted in the process o Monitor performances and, if required, identify and correct weaknesses o Promote necessary changes in attitude and behaviour o Communicate to increase awareness and explain decisions o Report on the potential impact of emerging risks o Review 22
EPFL Center + Foundation Conditions for success 23 Provide a supportive environment Tolerance for failure Acknowledge cognitive biases Dialogue about the challenges of investing in emerging risk governance Communicate Proactive attitude to change Creating meaningful interactions between stakeholders Demonstrate that it is effective and worth the investment The emerging risk conductor must not be a ‘prophet of doom’
EPFL Center + Foundation Conclusion • Frameworks for the governance of familiar risks are often not appropriate for emerging risks: Need for internal processes to anticipate and respond to risk • Create conditions for opportunity management as well as for risk management • Innovation management and emerging risk management are interlinked • At a broad strategic level, implementing these guidelines should result in four distinct key capabilities: o Proactive thinking o Willingness to bear or to avoid risk o Prioritising investments o Internal communication 24
EPFL Center + Foundation How IRGC developed its guidelines for emerging risk governance • Look at how practitioners do it: ENISA – EU Agency for Network and Information Security, EFSA – European Food Safety Authority, Swiss Re SONAR, CEN workshop agreement on managing emerging technology-related risks (Din_CWA 16649) • Look at theoretical foundations in cultural theory of risk, dynamic capabilities in strategic and innovation management, use of signals and early-warnings in technology management, foresight and scenario development, robust decision-making, and strategy implementation • Previous IRGC work o Factors contributing to risk emergence (2010) o Improving risk management in industry (2011) o Public sector governance of emerging risks (2013) o On-going discussions with practitioners and academics at workshops 25
EPFL Center + Foundation www.irgc.org http://irgc.epfl.ch No part of this document may be quoted or reproduced without prior written approval from IRGC © EPFL International Risk Governance Center and Foundation, 2015 - 2017

Recomendados

Integrating Strategy and Risk Management
Integrating Strategy and Risk ManagementIntegrating Strategy and Risk Management
Integrating Strategy and Risk Management
Andrew Smart
 
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected RisksStrategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
International Federation of Accountants
 
Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard
Andrew Smart
 
127017438_RMA_OperationalRiskAppetite_v1.0
127017438_RMA_OperationalRiskAppetite_v1.0127017438_RMA_OperationalRiskAppetite_v1.0
127017438_RMA_OperationalRiskAppetite_v1.0
Rachael Phelan
 
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Zanders Treasury, Risk and Finance
 
Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011
Andrew Smart
 
Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)
Diane Christina
 
Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides
SlideTeam
 

Recomendados

Integrating Strategy and Risk Management
Integrating Strategy and Risk ManagementIntegrating Strategy and Risk Management
Integrating Strategy and Risk Management
Andrew Smart
 
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected RisksStrategic Risk Management in the Face of Uncertainty and Unexpected Risks
Strategic Risk Management in the Face of Uncertainty and Unexpected Risks
International Federation of Accountants
 
Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard Integrating Risk into your Balanced Scorecard
Integrating Risk into your Balanced Scorecard
Andrew Smart
 
127017438_RMA_OperationalRiskAppetite_v1.0
127017438_RMA_OperationalRiskAppetite_v1.0127017438_RMA_OperationalRiskAppetite_v1.0
127017438_RMA_OperationalRiskAppetite_v1.0
Rachael Phelan
 
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Risk Appetite: A new Menu under Basel 3? Pieter Klaassen (UBS) voor het Zande...
Zanders Treasury, Risk and Finance
 
Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011Integrating Risk Appetite With Strategy Feb 14 2011
Integrating Risk Appetite With Strategy Feb 14 2011
Andrew Smart
 
Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)
Diane Christina
 
Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides Enterprise Risk Management PowerPoint Presentation Slides
Enterprise Risk Management PowerPoint Presentation Slides
SlideTeam
 
Enterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and PerformanceEnterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and Performance
Resolver Inc.
 
Risk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation SlidesRisk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation Slides
SlideTeam
 
Operational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel IIIOperational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel III
Eneni Oduwole
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk Appetite
Towers Perrin
 
Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute
Turlough Guerin GAICD FGIA
 
Governance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational RiskGovernance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational Risk
Andrew Smart
 
Risk Identification PowerPoint Presentation Slide
Risk Identification PowerPoint Presentation SlideRisk Identification PowerPoint Presentation Slide
Risk Identification PowerPoint Presentation Slide
SlideTeam
 
Risk Management Process And Procedures PowerPoint Presentation Slides
Risk Management Process And Procedures PowerPoint Presentation SlidesRisk Management Process And Procedures PowerPoint Presentation Slides
Risk Management Process And Procedures PowerPoint Presentation Slides
SlideTeam
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
Eneni Oduwole
 
The link between risk management critical controls and auditing
The link between risk management critical controls and auditingThe link between risk management critical controls and auditing
The link between risk management critical controls and auditing
Nimonik
 
BCI ISO 22301 Benchmarking Report
BCI ISO 22301 Benchmarking ReportBCI ISO 22301 Benchmarking Report
BCI ISO 22301 Benchmarking Report
NQA
 
Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite
Andrew Smart
 
Operational Risk Loss Forecasting Model for Stress Testing
Operational Risk Loss Forecasting Model for Stress TestingOperational Risk Loss Forecasting Model for Stress Testing
Operational Risk Loss Forecasting Model for Stress Testing
CRISIL Limited
 
Fundamentals Of Risk Management
Fundamentals Of Risk ManagementFundamentals Of Risk Management
Fundamentals Of Risk Management
Dr David Hancock
 
Aligning strategy decisions with risk appetite, presented by David Shearer, 1...
Aligning strategy decisions with risk appetite, presented by David Shearer, 1...Aligning strategy decisions with risk appetite, presented by David Shearer, 1...
Aligning strategy decisions with risk appetite, presented by David Shearer, 1...
Association for Project Management
 
Risk Assessment PowerPoint Presentation Slides
Risk Assessment PowerPoint Presentation Slides Risk Assessment PowerPoint Presentation Slides
Risk Assessment PowerPoint Presentation Slides
SlideTeam
 
Risikostyring av kontrakter
Risikostyring av kontrakterRisikostyring av kontrakter
Risikostyring av kontrakter
Kjell Steffner
 
Embedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyEmbedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business Strategy
Andrew Smart
 
Risk appetite
Risk appetite Risk appetite
Risk appetite
Michel Rochette
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightStrategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management Right
Proformative, Inc.
 
Presentation manage risk
Presentation manage riskPresentation manage risk
Presentation manage risk
Michael Curtis
 
RMP.ppt
RMP.pptRMP.ppt
RMP.ppt
AgusNursidik
 

Mais conteúdo relacionado

Mais procurados

Enterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and PerformanceEnterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and Performance
Resolver Inc.
 
Risk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation SlidesRisk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation Slides
SlideTeam
 
Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute
Turlough Guerin GAICD FGIA
 
Risk Identification PowerPoint Presentation Slide
Risk Identification PowerPoint Presentation SlideRisk Identification PowerPoint Presentation Slide
Risk Identification PowerPoint Presentation Slide
SlideTeam
 
Risk Management Process And Procedures PowerPoint Presentation Slides
Risk Management Process And Procedures PowerPoint Presentation SlidesRisk Management Process And Procedures PowerPoint Presentation Slides
Risk Management Process And Procedures PowerPoint Presentation Slides
SlideTeam
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
Eneni Oduwole
 
BCI ISO 22301 Benchmarking Report
BCI ISO 22301 Benchmarking ReportBCI ISO 22301 Benchmarking Report
BCI ISO 22301 Benchmarking Report
NQA
 
Risk Assessment PowerPoint Presentation Slides
Risk Assessment PowerPoint Presentation Slides Risk Assessment PowerPoint Presentation Slides
Risk Assessment PowerPoint Presentation Slides
SlideTeam
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightStrategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management Right
Proformative, Inc.
 

Mais procurados (20)

Enterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and PerformanceEnterprise Risk Management - Aligning Risk with Strategy and Performance
Enterprise Risk Management - Aligning Risk with Strategy and Performance
 
Risk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation SlidesRisk Management Lifecycle Process PowerPoint Presentation Slides
Risk Management Lifecycle Process PowerPoint Presentation Slides
 
Operational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel IIIOperational Risk Management Under Basel II & Basel III
Operational Risk Management Under Basel II & Basel III
 
Risk Appetite
Risk AppetiteRisk Appetite
Risk Appetite
 
Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute Risk Management for Directors - Governance Institute
Risk Management for Directors - Governance Institute
 
Governance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational RiskGovernance Culture & Incentives- Fundamentals of Operational Risk
Governance Culture & Incentives- Fundamentals of Operational Risk
 
Risk Identification PowerPoint Presentation Slide
Risk Identification PowerPoint Presentation SlideRisk Identification PowerPoint Presentation Slide
Risk Identification PowerPoint Presentation Slide
 
Risk Management Process And Procedures PowerPoint Presentation Slides
Risk Management Process And Procedures PowerPoint Presentation SlidesRisk Management Process And Procedures PowerPoint Presentation Slides
Risk Management Process And Procedures PowerPoint Presentation Slides
 
Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...Operational Risk Management - A Gateway to managing the risk profile of your...
Operational Risk Management - A Gateway to managing the risk profile of your...
 
The link between risk management critical controls and auditing
The link between risk management critical controls and auditingThe link between risk management critical controls and auditing
The link between risk management critical controls and auditing
 
BCI ISO 22301 Benchmarking Report
BCI ISO 22301 Benchmarking ReportBCI ISO 22301 Benchmarking Report
BCI ISO 22301 Benchmarking Report
 
Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite Shaping Your Culture via Risk Appetite
Shaping Your Culture via Risk Appetite
 
Operational Risk Loss Forecasting Model for Stress Testing
Operational Risk Loss Forecasting Model for Stress TestingOperational Risk Loss Forecasting Model for Stress Testing
Operational Risk Loss Forecasting Model for Stress Testing
 
Fundamentals Of Risk Management
Fundamentals Of Risk ManagementFundamentals Of Risk Management
Fundamentals Of Risk Management
 
Aligning strategy decisions with risk appetite, presented by David Shearer, 1...
Aligning strategy decisions with risk appetite, presented by David Shearer, 1...Aligning strategy decisions with risk appetite, presented by David Shearer, 1...
Aligning strategy decisions with risk appetite, presented by David Shearer, 1...
 
Risk Assessment PowerPoint Presentation Slides
Risk Assessment PowerPoint Presentation Slides Risk Assessment PowerPoint Presentation Slides
Risk Assessment PowerPoint Presentation Slides
 
Risikostyring av kontrakter
Risikostyring av kontrakterRisikostyring av kontrakter
Risikostyring av kontrakter
 
Embedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business StrategyEmbedding RCSA into Strategic Planning and Business Strategy
Embedding RCSA into Strategic Planning and Business Strategy
 
Risk appetite
Risk appetite Risk appetite
Risk appetite
 
Strategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management RightStrategic Risk Management as a CFO: Getting Risk Management Right
Strategic Risk Management as a CFO: Getting Risk Management Right
 

Semelhante a IRGC Guidelines for Emerging Risk Governance

Presentation manage risk
Presentation manage riskPresentation manage risk
Presentation manage risk
Michael Curtis
 
How to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential StepsHow to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential Steps
Case IQ
 
Assessment Of Risk Mitigation
Assessment Of Risk MitigationAssessment Of Risk Mitigation
Assessment Of Risk Mitigation
Eneni Oduwole
 
Development of a Compendium of Effective Structural Interventions for HIV Pre...
Development of a Compendium of Effective Structural Interventions for HIV Pre...Development of a Compendium of Effective Structural Interventions for HIV Pre...
Development of a Compendium of Effective Structural Interventions for HIV Pre...
CDC NPIN
 
Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...
stuimrozsm
 

Semelhante a IRGC Guidelines for Emerging Risk Governance (20)

Presentation manage risk
Presentation manage riskPresentation manage risk
Presentation manage risk
 
RMP.ppt
RMP.pptRMP.ppt
RMP.ppt
 
RMP.ppt
RMP.pptRMP.ppt
RMP.ppt
 
RMP.ppt
RMP.pptRMP.ppt
RMP.ppt
 
How to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential StepsHow to Create a Risk Profile for Your Organization: 10 Essential Steps
How to Create a Risk Profile for Your Organization: 10 Essential Steps
 
Software IT risk-management
Software IT risk-managementSoftware IT risk-management
Software IT risk-management
 
Rmp
RmpRmp
Rmp
 
IRGC Guidelines for Emerging Risk Governance, Marie-Valentine FLORIN
IRGC Guidelines for Emerging Risk Governance, Marie-Valentine FLORINIRGC Guidelines for Emerging Risk Governance, Marie-Valentine FLORIN
IRGC Guidelines for Emerging Risk Governance, Marie-Valentine FLORIN
 
risk management.pdf
risk management.pdfrisk management.pdf
risk management.pdf
 
Risk Management Process.ppt
Risk Management Process.pptRisk Management Process.ppt
Risk Management Process.ppt
 
Assessment Of Risk Mitigation
Assessment Of Risk MitigationAssessment Of Risk Mitigation
Assessment Of Risk Mitigation
 
NCV 4 Project Management Hands-On Support Slide Show - Module5
NCV 4 Project Management Hands-On Support Slide Show - Module5NCV 4 Project Management Hands-On Support Slide Show - Module5
NCV 4 Project Management Hands-On Support Slide Show - Module5
 
Development of a Compendium of Effective Structural Interventions for HIV Pre...
Development of a Compendium of Effective Structural Interventions for HIV Pre...Development of a Compendium of Effective Structural Interventions for HIV Pre...
Development of a Compendium of Effective Structural Interventions for HIV Pre...
 
Bcu msc cg week 4 risk management
Bcu msc cg week 4 risk managementBcu msc cg week 4 risk management
Bcu msc cg week 4 risk management
 
Foresight 4 Cybersecurity
Foresight 4 CybersecurityForesight 4 Cybersecurity
Foresight 4 Cybersecurity
 
About the IRGC Foundation
About the IRGC FoundationAbout the IRGC Foundation
About the IRGC Foundation
 
PECB Webinar: ISO 31000 - The Benchmark for Risk Management in uncertain times
PECB Webinar: ISO 31000 - The Benchmark for Risk Management in uncertain timesPECB Webinar: ISO 31000 - The Benchmark for Risk Management in uncertain times
PECB Webinar: ISO 31000 - The Benchmark for Risk Management in uncertain times
 
Risk management
Risk managementRisk management
Risk management
 
Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...Application of Q methodology in critical success factors of information secur...
Application of Q methodology in critical success factors of information secur...
 
Information security – risk identification is all
Information security – risk identification is allInformation security – risk identification is all
Information security – risk identification is all
 

Último

Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
tanu pandey
 
Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...
Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...
Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...
aartirawatdelhi
 
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
VIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 Booking
dharasingh5698
 
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
SUHANI PANDEY
 
VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...
SUHANI PANDEY
 
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakurbest call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
SUHANI PANDEY
 

Último (20)

World Press Freedom Day 2024; May 3rd - Poster
World Press Freedom Day 2024; May 3rd - PosterWorld Press Freedom Day 2024; May 3rd - Poster
World Press Freedom Day 2024; May 3rd - Poster
 
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Akurdi ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
An Atoll Futures Research Institute? Presentation for CANCC
An Atoll Futures Research Institute? Presentation for CANCCAn Atoll Futures Research Institute? Presentation for CANCC
An Atoll Futures Research Institute? Presentation for CANCC
 
Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...
Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...
Night 7k to 12k Call Girls Service In Navi Mumbai 👉 BOOK NOW 9833363713 👈 ♀️...
 
Financing strategies for adaptation. Presentation for CANCC
Financing strategies for adaptation. Presentation for CANCCFinancing strategies for adaptation. Presentation for CANCC
Financing strategies for adaptation. Presentation for CANCC
 
Scaling up coastal adaptation in Maldives through the NAP process
Scaling up coastal adaptation in Maldives through the NAP processScaling up coastal adaptation in Maldives through the NAP process
Scaling up coastal adaptation in Maldives through the NAP process
 
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...The Economic and Organised Crime Office (EOCO) has been advised by the Office...
The Economic and Organised Crime Office (EOCO) has been advised by the Office...
 
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
(NEHA) Call Girls Nagpur Call Now 8250077686 Nagpur Escorts 24x7
 
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'IsraëlAntisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
Antisemitism Awareness Act: pénaliser la critique de l'Etat d'Israël
 
The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)The U.S. Budget and Economic Outlook (Presentation)
The U.S. Budget and Economic Outlook (Presentation)
 
VIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Agra 7001035870 Whatsapp Number, 24/07 Booking
 
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
VIP Model Call Girls Narhe ( Pune ) Call ON 8005736733 Starting From 5K to 25...
 
VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...
VIP Model Call Girls Shikrapur ( Pune ) Call ON 8005736733 Starting From 5K t...
 
WORLD DEVELOPMENT REPORT 2024 - Economic Growth in Middle-Income Countries.
WORLD DEVELOPMENT REPORT 2024 - Economic Growth in Middle-Income Countries.WORLD DEVELOPMENT REPORT 2024 - Economic Growth in Middle-Income Countries.
WORLD DEVELOPMENT REPORT 2024 - Economic Growth in Middle-Income Countries.
 
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
Call Girls in Chandni Chowk (delhi) call me [9953056974] escort service 24X7
 
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakurbest call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
best call girls in Pune - 450+ Call Girl Cash Payment 8005736733 Neha Thakur
 
2024: The FAR, Federal Acquisition Regulations, Part 30
2024: The FAR, Federal Acquisition Regulations, Part 302024: The FAR, Federal Acquisition Regulations, Part 30
2024: The FAR, Federal Acquisition Regulations, Part 30
 
Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)Tuvalu Coastal Adaptation Project (TCAP)
Tuvalu Coastal Adaptation Project (TCAP)
 
Regional Snapshot Atlanta Aging Trends 2024
Regional Snapshot Atlanta Aging Trends 2024Regional Snapshot Atlanta Aging Trends 2024
Regional Snapshot Atlanta Aging Trends 2024
 
2024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 292024: The FAR, Federal Acquisition Regulations - Part 29
2024: The FAR, Federal Acquisition Regulations - Part 29
 

IRGC Guidelines for Emerging Risk Governance

  • 1. EPFL Center + Foundation GOVERNANCE OF EMERGING RISKS Guidelines for the governance of unfamiliar risks March 2017 No part of this document may be quoted or reproduced without prior written approval from IRGC This presentation deck accompanies the main IRGC report and an appendix, available online: https://www.irgc.org/risk-governance/emerging-risk/a-protocol-for-dealing-with-emerging-risks/
  • 2. EPFL Center + Foundation Introduction • A risk is an uncertain (mostly negative) consequence of an event or an activity with regards to something that humans value. Emerging risks are ‘new or familiar risks that become apparent in new or unfamiliar conditions’ • Emerging risks should be distinguished from familiar risks: o Familiar risks are well understood by risk managers who know how to manage them o Emerging risks on the other hand are primarily characterised by uncertainty • Knowledge becomes the key concept for emerging risks • The concept of emerging risk is relative, not absolute • In emerging risk management, what matters most to an organisation is its potential exposure 2
  • 3. EPFL Center + Foundation Characteristics of emerging risks • IRGC suggests three categories of emerging risks: Risks with uncertain impacts Risks in complex, interconnected systems Risks resulting from changes in context High uncertainty and a lack of knowledge about potential impacts and consequences (interactions with risk-absorbing systems). e.g., applications of synthetic biology Increasing complexity, emerging interactions and systemic dependencies have the potential to lead to non-linear impacts and surprises. e.g., systemic risks in energy or ICT systems Changes in context (social, regulatory, natural etc.) may alter the nature, probability and magnitude of expected impacts of previously known risks. e.g., antimicrobial resistance 3
  • 4. EPFL Center + Foundation Defining an appropriate process for emerging risk governance • The guidelines proposed by IRGC provide an overarching framework to support senior managers address emerging risks. • They help to organise how information and evidence are collected, analysed and combined to design strategies for emerging risk governance. • In particular, the IRGC guidelines: o Provide guidance to organisations in anticipating and responding to emerging risks o Provide transparent and enforceable criteria for the evaluation of the effectiveness of the emerging risk governance process o Embed the emerging risk management process as a routine within the organisation, drawing from existing processes 4
  • 5. EPFL Center + Foundation Emerging Risk Governance Guidelines 5
  • 6. EPFL Center + Foundation Step 1: Make sense of the present & explore the future 7 Provide early warning Identify: • Potential threats or opportunities to relevant assets and processes • Contributing factors that create fertile ground for risks and opportunities to develop (emerge, amplify or attenuate) Make sense of signals that might shape the future Detect and explore current and possible future evolutions that may change the organisation’s environment Analyse these changes according to their potential to represent a threat and/or an opportunity Filter and prioritise the detected threats and opportunities that require further attention in Step 2 Regularly update the selection of risks and opportunities as new information becomes available Required actions List of threats and opportunities that require further analysis and exploration Description of the context in which these develop Identification of the necessary or sufficient conditions for the risk or opportunity to materialise List of threats and opportunities that are irrelevant to the organisation's objectives given available information Expected outcomes Key objective
  • 7. EPFL Center + Foundation Step 1: Make sense of the present & explore the future 8 Emerging risk conductor Defines approaches and facilitates continuous interactions among experts and between experts and decision-makers Experts and analysts Detect signals, perform analyses and suggest necessary characterisation Senior decision-makers Validate Step 1 outputs and decide which issues will be further investigated and what resources will be allocated to the process Key participants & responsibilities • Diversity of information • Scientific soundness of data collection, analysis and prioritisation • Data reliability and consistency • Compatibility with existing and past or familiar threats Key success factors
  • 8. EPFL Center + Foundation Contributing factors to risk emergence 9 The human factor: Behavioural and cultural advancement The overall context: System complexity The decision- maker 4. Varying susceptibility to risk 3. Positive feedback 2. Loss of safety margins 1. Scientific unknowns 7. Technological advances 6. Social dynamics 5. Conflicts of interests, values and science 12. Malicious attacks 11. Perverse incentives 10. Information asymmetries 9. Communication 8. Temporal complications Source: IRGC (2010). The Emergence of Risks: Contributing Factors. Geneva: International Risk Governance Council. Report available online: https://www.irgc.org/risk- governance/emerging-risk/irgc- concept-of-contributing-factors-to- risk-emergence/
  • 9. EPFL Center + Foundation Anticipating vs. exploring uncertain futures 10 Level 1 Level 2 Level 3 Level 4 Deep Uncertainty Context A clear enough future Alternate futures (with probabilities A multiplicity of plausible future Unknown futures Familiar risks Emerging risks Source: Walker, W. E., Marchau, V. A. W. J. & Swanson, D. (2010). Addressing Deep Uncertainty Using Adaptive Policies: Introduction to Section 2. Technological Forecasting & Social Change, 77(6), 917–923.
  • 10. EPFL Center + Foundation Framing discussions of risk and innovation • Innovation creates change • This always carries risk, with the potential for harm as well as benefit • It is difficult to ‘predict’ the future • Complexity, uncertainty and ambiguity (different interpretations, or even controversy) • Often technological innovations and related risks develop in complex systems  Interdependent cascading failures may happen in a network of interconnected system components, where a small localised initial failure (which could result from an emerging risk) may trigger large perturbations elsewhere 11
  • 11. EPFL Center + Foundation Step 2: Develop scenarios based on narratives & models 12 Develop scenarios of how an emerging risk or opportunity could impact an organisation and its objectives. This: • Offers the possibility for collaborative framing of existing and future threats/opportunities • Provides evidence and support for future decisions concerning the identified threats/opportunities • Updates the scenarios as new information and knowledge become available Develop or use various types of scenarios to explore and evaluate the emerging risk that could affect the organisation in the future Begin to identify possible bifurcations and intervention points, to prepare the development of management options Update the scenarios as necessary, taking into account the emergence of new signals and the outcome of strategic interactions with stakeholders Required actions Set of explorative scenarios. The scenarios describe how the threats and opportunities identified in Step 1 may have an impact on the organisation. Particular attention must be given to: • The contributing factors (amplifying or attenuating) • Events or tipping points that may accelerate, reduce or generally affect the factors • The consequences of each scenario for the organisation Familiarity with concepts Expected outcomes Key objective
  • 12. EPFL Center + Foundation Step 2: Develop scenarios based on models & narratives 13 Experts in futures studies scientific & scenario- building techniques Facilitate interactions between contributors and ensure the validity of the scenario development exercise Emerging risk conductor Ensures the coherence of the exercise with the threats and opportunities de ned in Step 1 and the organisation’s expectations Decision-makers Confirm their commitment, in particular by allocating resources, providing reward and assigning responsibilities Key participants & responsibilities • Relevance to concerns and needs of decision-makers • Credibility, to assess the scientific soundness of the models and data used as well as the transparency of the choices • Comprehensibility and traceability, to describe the clarity of the sequence of events and the ability of final users to easily understand and follow the underlying rationality • Legitimacy, through openness of the process to various stakeholders, promoting different values and political orientations • Creativity, to stimulate new ways of thinking and dealing with the “unusual” • Distinctness, to assess the ability of the scenarios to jointly convey to decision-makers the diversity of possible futures Key success factors
  • 13. EPFL Center + Foundation Step 3: Generate risk management options & formulate strategy 14 Design strategies for the management of emerging risks that are proactive, effective, cost- efficient and adaptive in order to deal adequately with the risks and opportunities explored in Step 2 Identify and evaluate possible emerging risk management options. No option should be excluded Define intervention points and indicators. Consider the organisation’s decision-making style, resources and risk appetite Identify thresholds of irreversibility and thresholds of acceptability Communicate this process and the decision that has been made in a transparent manner Include uncertainty: Being aware of what is unknown Required actions Management strategies for each scenario: Provide a strategy for each of the scenarios developed in Step 2. The description of the strategy, its expected performance and the key trade-offs adopted by decision-makers must be made explicit A final decision as to which emerging risk management option(s) will be implemented Expected outcomes Key objective
  • 14. EPFL Center + Foundation Step 3: Generate risk management options & formulate strategy 15 Decision-makers at the strategic level Select options and demonstrate leadership, especially when it comes to challenging comfortable or routine practices not suited to changing environments Emerging risk conductor Facilitates the decision-making process and ensures that decisions are made Key participants & responsibilities • Flexibility for adaptation and adjustment to new evidence when it becomes available • Consistency with organisational values and culture as well as with procedures • Internal openness and transparency of the process • Clear prioritisation of actions, taking expected impacts and available resources into account • Revision of the strategy if context and conditions change Key success factors
  • 15. EPFL Center + Foundation Step 3: What to do and how 16 Generating the strategy options for implementation • What strategy and options could respond to the emerging risk? • When could these options be implemented? What would be the intervention timing? Evaluating the strategic options • What criteria will be used to assess and evaluate the options to provide the best response to the variety of possible futures? • How will the performance of the management options be evaluated? Making robust decisions • What decision-making approach will be chosen? How? • What option or combination of options will be decided? • What is the timing for implementation?
  • 16. EPFL Center + Foundation Step 3: Generate strategy and options for implementation 17 Some of the factors that contribute to risk emergence are controllable. In those cases, an organisation can act to prevent a risk from emerging (or amplifying) or can reduce its consequences if it materialises. 1 Act on contributing factors to risk emergence Trying to avoid the risk can represent a valuable management option in cases where the risk evaluation results in reasoned assumptions of unacceptable consequences. Precautionary approaches should be chosen on a case-by-case basis, in relation to a desired level of protection against identified potential risks. 2 Develop precautionary approaches A reduction in exposure or vulnerability can be a strategic option if an intervention is considered too costly, inappropriate, or impossible For emerging but well identified risks: reduce sensitivity to the risk by developing redundancies, improving personnel training or readjusting protection capabilities. In the case of unexpected events: build resilience 3 Reduce vulnerability 1 Act on contributing factors to risk emergence 2 Develop precautionary approaches 3 Reduce vulnerability 4 Modify risk appetite in line with risk 5 Use risk governance instruments for familiar risks 6 Do nothing Dealing with emerging risks requires that organisations constantly align their risk appetite to changes in their environment, the availability of new knowledge, and their resources and capabilities to tolerate or cope with potential risk losses. 4 Modify risk appetite in line with risk
  • 17. EPFL Center + Foundation Step 4: Implement the strategy 18 Implement strategy options decided in Step 3 Creating supportive conditions for the organisational, technical and cultural shifts that may be required for the effective deployment of risk management options Put in place the internal and external communication capacities required for a common understanding of the objectives and the rationale behind them Allocate resources to match operational capabilities with strategic orientations Clearly define roles, responsibilities and incentives according to the strategic options adopted Support strategy implementation by ensuring adequate authority and leadership in all phases and enabling the creation of appropriate risk cultures Required actions • Translation of the strategic objectives into individual and collective objectives at the various levels of the organisation • Implementation of the decisions made in Step 3 Expected outcomes Key objective
  • 18. EPFL Center + Foundation Step 4: Implement the strategy 19 Strategic decision-makers (e.g. chief risk officer) Endorse the responsibility of implementing the strategy; appoint a dedicated team Risk owner (if any) Effectively manages the risk and opportunity for which he/she is responsible, and is rewarded accordingly Other relevant stakeholders Translate the strategic decisions into concrete actions Emerging risk conductor Provides complementary knowledge or expertise regarding the risks and opportunities considered Key participants & responsibilities • Transparency through effective and continuous communication about the strategic objectives and decisions at all levels of the organisation • Including relevant stakeholders for the evaluation of the strategy relevance and effectiveness, and timely reaction to resolve conflicts and trade-offs • Continuous monitoring through the early detection of difficulties and conflicts (with bottom- up reporting) • Continuous interactions with the emerging risk conductor to re-evaluate the relevance of the strategy in light of new signals and knowledge, if necessary Key success factors
  • 19. EPFL Center + Foundation Step 5: Review risk development and decisions 20 Monitor how emerging risks and opportunities unfold Review the relevance and performance of the decisions made and, if needed, Update the strategy Deploy monitoring capabilities for the decision options described in Step 3 Create the interaction space required for the conductor and other users of the guidelines to exchange and communicate Establish bridges with risk management standards or professional organisations, which may help confer legitimacy to the process Required actions • Risks and opportunities can be decommissioned, or become accepted or sufficiently well known for familiar risk management measures to be employed • Risks and opportunities outside of these options must remain the subject of careful and continuous monitoring, analysis and revision Expected outcomesKey objective
  • 20. EPFL Center + Foundation Step 5: Review risk development and decisions 21 Senior managers Review decisions about the organisation’s emerging risk management, i.e. the design and implementation of internal structures and processes Business managers Deploy the adopted risk management strategies Emerging risk conductor Creates interaction space for reflection and confidence Key participants & responsibilities • Involvement of all internal stakeholders • Open and transparent discussions • Regular updates of strategic decisions based on new information Key success factors
  • 21. EPFL Center + Foundation The emerging risk conductor • Emerging risk governance requires leadership, it requires a ‘risk conductor’ to ensure the effective implementation of the guidelines • Specifically, the risk conductor must have the mission and resources to lead the process and to: o Facilitate interactions among participants o Validate technical frameworks and approaches adopted in the process o Monitor performances and, if required, identify and correct weaknesses o Promote necessary changes in attitude and behaviour o Communicate to increase awareness and explain decisions o Report on the potential impact of emerging risks o Review 22
  • 22. EPFL Center + Foundation Conditions for success 23 Provide a supportive environment Tolerance for failure Acknowledge cognitive biases Dialogue about the challenges of investing in emerging risk governance Communicate Proactive attitude to change Creating meaningful interactions between stakeholders Demonstrate that it is effective and worth the investment The emerging risk conductor must not be a ‘prophet of doom’
  • 23. EPFL Center + Foundation Conclusion • Frameworks for the governance of familiar risks are often not appropriate for emerging risks: Need for internal processes to anticipate and respond to risk • Create conditions for opportunity management as well as for risk management • Innovation management and emerging risk management are interlinked • At a broad strategic level, implementing these guidelines should result in four distinct key capabilities: o Proactive thinking o Willingness to bear or to avoid risk o Prioritising investments o Internal communication 24
  • 24. EPFL Center + Foundation How IRGC developed its guidelines for emerging risk governance • Look at how practitioners do it: ENISA – EU Agency for Network and Information Security, EFSA – European Food Safety Authority, Swiss Re SONAR, CEN workshop agreement on managing emerging technology-related risks (Din_CWA 16649) • Look at theoretical foundations in cultural theory of risk, dynamic capabilities in strategic and innovation management, use of signals and early-warnings in technology management, foresight and scenario development, robust decision-making, and strategy implementation • Previous IRGC work o Factors contributing to risk emergence (2010) o Improving risk management in industry (2011) o Public sector governance of emerging risks (2013) o On-going discussions with practitioners and academics at workshops 25
  • 25. EPFL Center + Foundation www.irgc.org http://irgc.epfl.ch No part of this document may be quoted or reproduced without prior written approval from IRGC © EPFL International Risk Governance Center and Foundation, 2015 - 2017