There has been some interesting feedback to the Next Gen Risk posting [LINK] from yesterday which was mostly positive (I was expecting some practitioners to become defensive). However, I clearly needed to be a little bit more illustrative with my dialogue.
"Martin, Your article needs some examples"
"Thanks, Martin Davies. I just read your article. Not sure I got the point. I guess I am looking forward to the next post to understand what next gen risk management is. Unclear at the moment."
Next Gen Enterprise Risk Management isn't a concept, it isn't some best practice guidance you can acquire from a consultant nor is it risk management regulations, although it might end up being mandated ~ it's quite simply the future evolution of ERM.
To make it straightforward to appreciate, and we'll post some additional reading on Next Gen ERM and articles from other authors too !!! but in the meantime, I have assembled a small list of Risk Management Ideologies or appliances which demonstrate Next Gen ERM at work. Next Gen as in the future versus where we have come from in risk management.
Quite often people say to me that Risk Management is about Decision-Making, just as one example, and not risk registration lists. It's a popular trending topic among ISO 31000 practitioners at the moment that risk management's end game is decision-making. One would have thought that was obvious and I too agree, this is the fundamental purpose of risk management but, and yes there is a "but" in there. BUT Risk Decisions that are not from the critical thinking domain or decisions loaded with informal fallacies, formal fallacies (plenty of those) and biases are not useful on a good day, let alone when things are going wrong. When what you are doing breaks, clear-headed "critical risk thinking" is desperately needed, nothing else except umm may be luck will help you.
You don't have comprehensive risk decision-making capabilities without lists~data~information, it's just a fail and to consider otherwise is not a tomorrow with a future. So Yesterday Risk Management artifacts are important, they are useful but they are not where this risk management evolution finishes up.
Next Gen Enterprise Risk Management brings Decision-Making to the risk centre by making information contextually relevant and autonomous to the stakeholder but in a governed and transparent way. It's natural yet ergonomic, responsive yet proportionate, it's self-learning, dynamic and it not only maximizes survival, it thrives in volatile situations.
It even has a management language, let's demonstrate:
"The only way forwards is ..." or "Given your position against your objective, your most likely set of options are ... and it might be worth considering the objective and its basis"
"We failed ..." or "What can we learn from this, could the outcome have been worse?"
"We succeeded ..." or "What could we have done better, is this repeatable, is this optimised?"
Anyway, we will publish more articles on Next Gen ERM in the coming months ahead. In the meantime, I would be interested if you could add to the Next Gen ERM list, feel free to reach out with some suggestions.