A StrategyDriven Advisor mapped a large Midwestern utility’s corporate risks to their nuclear business unit risks and then to the processes from which those risks could be manifest. Oversight mechanisms for these programs were identified including gaps; providing a basis for a multiyear internal audit assessment schedule.
Our advisor worked with the utility’s corporate managers and staff to capture the existing internal audit framework and developed a gap analysis of their risk profile; identifying risks not currently categorized or audited and opportunities for further program enhancement based on industry leading practices.
Only seventy-five percent of the utility’s nuclear-related high-risk programs were routinely assessed by either the utility’s nuclear quality assurance or its corporate internal audit programs. Addressing the twenty-five percent gap will enable the utility to considerably reduce its safety, reliability, and efficiency risk exposure.
Other Case Studies
In our experience, oversight organizations eliminating low-value, redundant assessments realize the following annual savings:
$30,000 – $50,000 per base load audit eliminated
$75,000 – $105,000 per specialty audit eliminated
Common, overall audit reduction: elimination of 3 – 5 audits per year per major business group / facility
StrategyDriven Risk Assurance Mapping Process
Even in today’s heavily regulated environment, company oversight organizations may not substantially cover several operational functions important to managing the business’s top-tier risks. In other instances, internal and external oversight groups redundantly monitor business processes and/or unnecessarily assess low and no-risk activities. Additionally, simultaneously occurring assessments often burden and may overwhelm the company’s operational staff. Consequently, there exists a need to better align assessment activities with business risks and coordinate audits between oversight groups. StrategyDriven’s Risk Assurance Maps address all of these challenges.
StrategyDriven’s Risk Assurance Maps enable visualization of the relationships between enterprise risks and their associated operational processes. Concurrently, they reveal the degree of oversight applied to these processes and the residual risk remaining based on the outcomes of these assessments and the performance revealed by the organization’s performance measurement system.
When building a Risk Assurance Map, StrategyDriven Advisors align corporate risks to the day-to-day operational programs through which these risks would be manifest. We then document the internal and external oversight activities associated with these programs; closing gaps and eliminating redundancies that results in a more effective oversight program. We finalize the map by levelizing the assurance activity schedule so to minimize the oversight burden on the operational organization. The result is a fully integrated oversight schedule that optimally covers all of the company’s top-tiered risks.
Beneficial Oversight Organization Impacts
Improves overall effectiveness:
Focuses resources on the performance of risk-based assessments
Enables leveraging of assessments by other internal groups
Eliminates redundant oversight activities
Reduces the number of low value evaluations performed
Identifies the common processes in place to mitigate key risks
Reduces Nuclear Oversight’s impact on the business
Provides for near and long-term assessment schedule planning
Enables identification of near and long-term assessor knowledge, skills, and experience needs
Establishes standard organizational risk definitions
Organizational Value Proposition
Reveals the organization’s residual risk levels
Assists executive management and the Board of Directors understanding of the organization’s key risks and the oversight process
Aligns assessment activities with key organizational risks
Identifies areas where assessment coverage can be enhanced
Coordinates the organization’s oversight activities
Levelizes the evaluation-related burdens placed on the operating organization
Promotes collaboration between executive management and oversight organizations
Increases the credibility of internal oversight groups with the organization at-large
The StrategyDriven Difference
StrategyDriven‘s Risk Assurance Maps have been recognized as a Nuclear Industry Best Practice by an independent industry oversight organization that establishes operational standards for and evaluates performance of all domestic nuclear power plants.
StrategyDriven’s Detailed Risk Assurance Map Framework enables visualization of the relationships between enterprise risks and their associated processes. Concurrently, it reveals the degree of oversight applied to these processes.
StrategyDriven’s Board / Executive Level Risk Assurance Map Framework provides a high-level visualization of the relationships between enterprise risks and their associated major processes. Concurrently, it provides a ‘heat map’ of oversight activities applied to each major process by the organization’s several assurance groups.
Cascading Enterprise Risk Catalog
StrategyDriven’s Cascading Enterprise Risk Catalog supports rapid identification of an organization’s risks as well as providing a benchmark reference to the operational, financial, reputational, and regulatory risks identified by similarly situated peers.
Oversight Activity Levelizing Tools
StrategyDriven’s Risk Assurance Map Oversight Activity Levelizing Tools analyzes the aggregate oversight burden on the organization’s operational personnel; facilitating activity distribution that both optimizes oversight effectiveness and minimizes operational impact.
Risk Assurance Map Development and Maintenance Instructional Guide
StrategyDriven’s Risk Assurance Map Development and Maintenance Instructional Guide provides oversight organization personnel with a step-by-step procedure for the long-term maintenance and use of their risk assurance map.
Integrated Risk Assurance Map Software
StrategyDriven’s Risk Assurance Maps are fully supported by DevonWay’s integrated Risk Mapping software. This world-class application enables collaborative development and maintenance of an organizaton’s risk assurance map and facilitates automatic updating when combined with DevonWay’s suite of performance improvement process applications.
StrategyDriven Risk Management Forum
All organizations face a host of risks incurred during the conduct of day-to-day business operations and stakeholder interactions. These risks challenge executives and managers in so far as they can have consequentially negative impacts on the organization’s ongoing sustainability from an operational, financial, reputational, and regulatory perspective.
Focus of the Risk Management Forum
Materials within the risk management forum focus on those principles, best practices, and warning flags associated with the effective monitoring, mitigation, and response to both identified and unidentified – Black Swan – risks. StrategyDriven regularly publishes articles, podcasts, documents, and resources within the forum cover those topics critical to effective work management and execution.
Click here to visit the StrategyDriven Risk Management Forum.
Learn effective methods of dealing with unexpected, catastrophic events: