Predictable is Preventable: Understanding Real Risk Management
At the 2017 annual PRIMA conference, Gordon Graham, Lexipol discussed how to better protect their agencies and employees as well as help individuals with their organizations to integrate risk management into daily routines by identifying the 10 families of risk.
10 Families of Risk
Family 1 – External Environment – Risks arising from outside the organization that impact your operations. And we know there are a number of these and they are increasing in frequency and severity. Weather, a pandemic, terrorism, criminal street crime, and arson are all examples of external risks.
Family 2- Legal and Regulatory– Risks arising from the complexity of or non-compliance with of the legal framework imposed on your operations in your specific state. If there is a law, ordinance, or statute that requires action or prohibits action this rule must be known and followed.
Family 3- Strategic – Risks arising from the lack of priority setting and appropriate planning leading to a reactive organization that is not prepared or flexible enough to deal with unforeseen events. This happens often, particularly in smaller organizations that do not have sufficient personnel or time to plan for the future.
Family 4- Organizational – Risks arising from not clearly defining roles and responsibilities, not demonstrating the values of your agency or not having monitoring processes in place. As a leader in your organization, you have a key role in getting and keeping good people, developing and maintaining good policy, building a training program, ensuring that there is appropriate supervision of personnel, and having a discipline system in place to address the people who think that rules were meant to be broken.
Family 5- Operational -This is all about how we manage the risk of a specific task, incident, or event. It is critical that supervisors are enforcing policy and making sure things get done correctly.
Family 6- Information – Risks arising from untimely, inaccurate, or unreliable information that supports the discharge of roles and responsibilities. Be aware of the dangers of ignorance, complacency, and cognitive bias.
Family 7- Human Resources – Risks arising from work environments that do not receive adequate resource allocations, lack internal mutual trust, acceptable performance levels, or suffer from a lack of transparency or good management.
This is one of the greatest financial risks faced today in 2017. It is a simple risk to address. When you study the data involving litigation involving law enforcement operations around America, HR risks are among the top three most expensive risks.
Family 8- Technology – Risk arising from outdated or unreliable information systems where user requirements are not met. There are a lot of risks involved in cybercrime, malware, freeware, hacking, theft of confidential data, viruses and many others.
Family 9- Financial and Reputational – Risks arising from improper budgeting, forecasting and expenditure controls, including contracting, asset management, internal audits, improper salaries, misuse of overtime and poor revenue oversight.
Family 10- Political – All government personnel should stay out of the fray of politics. Your mission should not be impacted by which political party is in control of the country.