4 Takeaways from RIMS 2019

The Resilient Enterprise | The riskmethods Blog

The Risk Management Society (RIMS) annual conference just took place down the street from the riskmethods Boston office, and I was excited to get the chance to go with some of my colleagues to hear the latest on risk management—and also get to know more about the work of Zurich Insurance Group, one of our newest partners. Here are my 4 big takeaways from the sessions I attended and the conversations I heard around the watercooler.

#1: Risk Is Going Digital. Full Stop.

If this one is surprising to you, you haven’t been paying attention. Here at riskmethods, we’ve been talking about it for a while, and the topic was definitely embraced by this year’s RIMS crowd. My favorite thoughts on this were actually contained in a presentation about emerging risk, but they went a long way to enumerate the ways that digital tech can mitigate risk—and, just as importantly, what you should demand from a digital risk management solution. These were a few of the highlights.


Rich Data Set

A digital risk management tool should source information from a broad, rich data set.


Process Automation

A digital risk management tool should give you the ability to automate your risk management processes.


Self-Service Dashboards

A digital risk management tool should enable you to create dashboards that will identify trends and inform analysis.

#2: You Have to Manage Known Knowns and Known Unknowns

…[T]here are known knowns; there are things we know we know. We also know there are known unknowns; that is to say, we know there are some things we do not know. But there are also unknown unknowns—the ones we don't know we don't know.
Donald Rumsfeld, Former US Secretary of Defense

The famous Donald Rumsfeld quote from years ago still gets a lot of attention on the risk management scene. It may sound like a brain teaser, but the core of the quote is absolutely true, and hits at the heart of risk management. How does your organization handle the risks it knows it’s likely to encounter? Probably pretty well—or at least you have a plan. But what about the risk you don’t know you’re going to encounter? That’s a bit harder.

The key to effective risk management is making sure that you have processes in place for sussing out the risk you don’t yet know is on your horizon. There are always going to be unknown unknowns—but with an effective risk management strategy in place, you can reduce their number.


#3: Emerging Risks are a Key Focus for Organizations

RIMS defines emerging risk as follows: “Those risks an organization has not yet recognized or those which are known to exist, but are not well understood.” Traits of emerging risk include: difficulty to communicate, uncertain relevance and difficulty to assign ownership, among others.

To do a better job at identifying emerging risk, you have to understand what potential threats might impact your business objectives, whether they’re the effect of regular market shifts (a change in customer buying behavior, for example) or extraordinary events (disasters, geopolitical events, etc.).  

 At the end of the day, though, the key to mastering emerging risks is simple: Data. Without useful data that will alert you to potential business threats, every emerging risk is simply going to go ignored until it is an actual risk.

#4: Risk Management Creates Value

I guess it shouldn’t be surprising that a building full of people who care about risk feel strongly that risk management creates value. But it’s not just about a feeling—there are actual hard facts to support this. According to a study from Ernst & Young (“Turn risks and opportunities into results”):

  • The top 20% of companies with the most effective risk management practices perform significantly better financially than other companies
  • The bottom 80% of companies derive significantly fewer economic benefits from their efforts, with no significant difference between the middle 60% and the bottom 20%.

My takeaway from this is related to the effort that organizations decide to put behind risk management: Big steps are more effective than smaller steps. If you want to create value with your risk management program, make sure you’re executing it with the right people, processes and technology in place.

Thanks to RIMS for a great show—looking forward to next year!

Back to Home

More from The Resilient Enterprise Blog

Get tips and tricks right in your inbox

Back to top