The 365 day-a-year renewal cycle can become a perpetual hamster wheel, which picks up speed somewhere between four-to-six months out from the renewal date. Inevitably, the short-term needs can overtake the opportunity for future planning. The renewal process is time consuming, which often does not allow the ability to be strategic. Many feel that being strategic is aspirational, but the time just is not there to accomplish those good intentions. In this session at RIMS 2021, Louise Pennington from Willis Towers Watson explains the benefits of a sustainable risk strategy that serves your organization 365 days a year.
It is time to pivot to a new normal…a better normal. Instead of driving risk management towards an annual renewal date, let’s drive risk management to a risk strategy process and platform that is not tethered to any date, but it tethered to sustainable, long-term risk management, mitigation and control.
There are three key elements to developing an effective risk strategy:
1. An intentional strategic plan.
2. The application, utilization and evaluation of analytics and other relevant data to inform objective decision-making.
3. Consistent plan execution.
Begin with building your plan. It should align with your organization’s goals as well as with your own goals as a risk manager. What are you being held accountable for and how can you push past that to drive greater results? Does this match your organization’s long-term goals? Those are not insurance goals. Those are plans that address things like mergers and acquisitions, global expansion and liquidation, for example. The conversation should start with these objectives, rather than how last year’s insurance program performed. This helps flush out your own corporate risk profile. Identify these items and prioritize them.
The next step is to identify what your organization values. What does it need versus what you want, and what that means to the organization. Be transparent. This helps define success and develop a tailored approach. Once you determine potential risks and have them prioritized, shift to identifying your company’s tolerance for risk. This is the quantification step. Does the company’s balance sheet have the ability to assume the risks you have noted? At what point do the risks become harmful? How much can your organization absorb before they need to transfer those risks? Your balance sheet may be strong, but the organization’s tolerance for risk may be conservative. Does the financial ability meet the corporate willingness to assume those risks?
Without a plan, you cannot identify or define success. This plan must simultaneously connect your risk profile, risk tolerance, risk appetite and their alignment with business goals.