Risk Management: Improving Business Performance with Proactive Risk Reduction

Share on facebook
Share on email
Share on twitter
Share on linkedin

Business leaders navigate a complex environment in which the pace of change is rapidly accelerating and this has put pressure on companies to focus on risk management. The risk environment is equally challenging. Organisations are juggling a multitude of risks and it is becoming extremely difficult for enterprises to identify and reduce the impact of risk on their organisations. While managing the failure of critical assets is the top pressure, executives should not forget the risks associated with non-compliance, environmental, financial, logistical and supplier issues.

As such, Enterprise Risk Management (ERM) and Enterprise Resilience have become hot topics. But what are they and are they the same concept?

Enterprise resilience and ERM are related concepts that are associated with risk, but they are different. Enterprise Risk Management is a process that organisations use to rigorously identify, assess, manage and monitor risks that may affect their operations and objectives.

Enterprise resilience, on the other hand, is a capability. It describes an organisation’s capacity to anticipate and react to change that could represent opportunities and threats. Resilience includes two important components: organisational capacity and the ability to adapt and grow from a disruptive experience.


There are four stages to achieving enterprise which include:

  • Stage 1 – prepare and plan for the risk event
  • Stage 2 – absorb the consequences of the risk event
  • Stage 3 – recover from the risk event
  • Stage 4 – successfully adapt to the risk event

ERM is the mainstay of Stage 1 and assists with the other three stages as it cuts across organisational silos and considers internal and external risks, such as cyber-attacks and natural disasters. In this way, ERM allows management to identify risks and absorb the negative impact and assists with recovery by allowing organisations to assess and mitigate risks and plan for adverse events.


A healthy corporate culture promotes long-term resilience. The opposite may also be true. If the board and senior leadership are too focused on containing incidents and minimising bad press to preserve reputation and share value, this may lead to inappropriate responses in crises, and to inappropriate strategies to prepare the company to bounce back better.

Your governance, your values and your stakeholder relationships all determine your resilience. So do your processes.


Good governance comprises four essential elements:

Transparency – being clear and unambiguous about the company’s structure, operations and performance, both externally and internally; and, maintaining a genuine dialogue with and providing insights to stakeholders and the market.

Accountability – ensuring that there is clarity of decision-making within the company; with processes in place to ensure that the right people have the right authority to make effective and efficient decisions; with appropriate consequences delivered for failures to follow those processes.

Stewardship – developing and maintaining a company-wide recognition that the organisation is managed for the benefit of its shareholders, taking into account the interests of other stakeholders.

Integrity – developing and maintaining a corporate culture committed to ethical behaviour and compliance with the law.


Almost all organisations have faced adversity at some point in their history. Those that prosper over long periods of time display a remarkable ability to bounce back from adversity time and time again and to create value in changing circumstances.

Business turbulence and disruptions need to be addressed in the same manner as any other material business risk. Directors have a duty to ensure that the organisations which they govern are sustainable through disruptive events and create a culture in which business opportunities are chosen wisely.

A sustainable organisation is able to quickly adapt and align its strategy, operations, management systems, governance structure, and supply chain to meet the challenges of significantly changing environments. It is also able to create competitive advantage by maximising opportunities in an informed manner.

Sustainability is not only about being able to respond to a single crisis or setback but about continuously anticipating and adjusting to trends that can permanently alter the viability of a business. Traits of sustainable organisations include:

A culture of sustainability – a clear purpose and a core set of values which are more than just platitudes. Leaders of sustainable organisations strive to make the purpose and value a compelling reality at all levels of the organisations. The measure of success of a culture of sustainability is the degree to which the organisation’s people, from the board down, are active participants in understanding and addressing the opportunities and risks associated with the achievement of the organisation’s objectives.

A strong understanding of risks aligned to business strategy – all strategies and all opportunities worth pursuing involve risks that must be monitored and managed. Risk management is about both protecting value and creating value.

Accurate monitoring and detection with relevant reporting to management and the board – reporting mechanisms to raise alerts about risks may also be used to identify opportunities.

Reliable and sustainable processes and infrastructure which balance efficiency with flexibility – contingency and recovery planning and competitive advantage are founded on risk-based analysis and are embedded in operational plans encompassing people, processes, systems and data.


The ISO 31000:2018 Risk Management standard provides principles and generic guidelines on risk management. The framework seeks to replace the myriad of existing standards, methodologies and paradigms that differed between industries, subject matters, and regions. It assists organisations to gain better control and visibility into the risks within their operations.

Cross-functional involvement and collaboration are the keys to a successful risk management and risk mitigation program and these are focus areas in the latest version of the ISO 31000:2018 Risk Management standard.

In a risk environment that is growing more perilous and costly, boards and business owners need to help steer their enterprises toward resilience and value by embedding strategic risk capabilities throughout the organisation. But how do you achieve this? Learn more! Download our FREE guide on How to Achieve A Best-In-Class Risk Management System.


Risks ZA works with organisations in numerous ways to help you understand and manage your risks.

Don’t miss our ISO 31000:2018 Introduction to Risk Management Public Training Event which aims to deliver better solutions for managing complex risks and identifying competitive advantages in an ever-changing business environment.

Gain invaluable insights into Risk Management principles and be in a position to establish best-in-class Risk Management practices. Visit our Training Schedule page to view when the next course is running in your area!

To book your seat, call our team on +27 (0) 31 569 5900, email info@riskza.com or complete our Online Booking Form.

You can share this blog post on your preferred social media platform:

Share on facebook
Share on email
Share on twitter
Share on linkedin

Thinking Differently about Workplace Safety Risks

Share on facebook
Share on email
Share on twitter
Share on linkedin

I’m A Celebrity… Get Me Out Of Here! is classic reality TV show. What could be better than putting a bunch of famous people in a jungle, surrounding them with creepy crawlies and putting them through gruelling challenges in return for food tokens?

To put you in the picture – if you’re not yet a fan – the first season of the Australian smash-hit TV series was filmed in the Kruger National Park. The series’ Risk Adviser described this experience as being “on another level”.

“We had a cast and crew of 400-plus people with hippos, lions and snakes everywhere – basically everything that can kill you,” he says. “Then we pushed celebrities downhill and had them swinging from hot-air balloons 50 metres above the ground. It was a monstrous undertaking and while I loved the challenge, it really tested my ability to manage risk.”

Clearly few workplaces face the same challenges. But the point of this anecdote is to illustrate that Risk Management shouldn’t be about preventing risk-taking; rather it should be about using it for opportunity and success!

Download our FREE Guide ‘The Key to a Winning Health & Safety Program: Behaviour Change’ to learn how to foster a safety culture and measure it.


According to the CEO of Wynleigh International Certification Services, Tony Cunningham:

“There’s been a shift in Risk Management thinking. In the past, Risk Management was often an exercise in avoidance and focused mainly on completing compliance-driven activities. Now many organisations are reviewing risk in terms of its potential to drive performance and value.”

Tony points out that the approach to risk in workplaces is going through a similar shift. “The safety profession is now looking at both leading and lagging indicators to examine safety and health risks present within an organisation,” he says.

As part of an effective Occupational Safety and Health (OS&H) program, you should track both lagging and leading indicators. Lagging indicators measure what has already happened and allow you to track the changes in incident rates over a specific time period in the past but are a poor gauge of prevention.

Leading indicators, on the other hand, help you to evaluate whether safety and health performance is improving and whether it will continue to improve in the future. They are proactive, preventative and predictive measures and focus on future safety performance and continuous improvement.

This evolution of the safety profession towards risk-based prevention analysis and continuous improvement culminated in the ISO 45001:2018 Occupational Health and Safety Management System standard.


ISO 45001:2018 helps to identify OH&S hazards, risks and opportunities and proactively manage workers’ wellness and safety. In addition, the standard calls on management and leadership to:

  • Integrate responsibility for health and safety issues into the organisation’s overall strategic plan
  • Demonstrate engagement with employees (and where they exist employees’ representatives) to create a safety culture that encourages active participation in the OH&S management system. This encourages workers to take ownership and adopt a risk-based thinking approach to health and safety risks and opportunities.
  • Ensure the OH&S management system is integrated into business processes.


Clause 6 of ISO 45001:2018 addresses the Assessment of Risks and Opportunities, which is a significant departure from OHSAS 18001:2007 as it requires proactive management of risks and opportunities.

Below are 4 important tips for managing risks and opportunities to meet the standard’s requirements:

  1. Plan a thorough induction training process for new staff.
  2. Invest in ongoing training.
  3. Peer reviews. Use Document Control Software to manage workflows and send risk assessment results to the wider business to get a complete view.
  4. Click to read our blog – Do Revised Standards Mean New Documents & Control Procedures?


ISO 45001:2018 stresses that all employees must actively participate in developing and improving the health and safety system. Culture is a major contributor to workplace safety. But culture is intangible, presenting a real challenge for organisations working towards ISO 45001:2018.

So how do you go about fostering a safety culture and measuring it?

Download our FREE Guide ‘The Key to a Winning Health & Safety Program: Behaviour Change’ to find out how.


Here at Risk ZA we have a collective experience of over 30 years in training, consulting and implementing ISO related management solutions, for organisations of all types and sizes in the Southern African region. We can assist you in assessing your Health and Safety risks and we offer a variety of ISO 45001:2018 training courses and consulting services to meet your needs.

For assistance and more information about our training and consulting services, call our friendly team on +27 (0) 31 569 5900 or email info@riskza.com.


Call us TODAY and SAVE! Use promo code WINTERSPECIAL when booking on any upcoming Online or Public Training Course to claim your exclusive discount. T’s & C’s apply. Offer valid until 30 August 2019.

You can share this blog post on your preferred social media platform:

Share on facebook
Share on email
Share on twitter
Share on linkedin