New employee insights: Only 46% of employees feel inspired by their organisation's vision.

Here are 7 ways to bring your vision to life

Controls – the heart of managing risk

Control risk managment

The four core questions to risk management

A lot of the theory and discussion around risk management can seem complex, but essentially everything boils down to four core questions….

  1. Do you know the things that matter most to help you succeed?
  2. Do you understand how and why these things might be disrupted through uncertainty and what you can do about that?
  3. Are you doing something to minimise the effect of uncertainty on the things that matter most?
  4. Do you know if what you are doing is working or not?

Everyone needs to understand the risks they face to get the outcome they want. Choosing which risks to control and which to live with reflects your appetite for risk and the potential exposure you can manage.

What is a control?

A ‘control’ (or group of controls) provides you with the ability to monitor and influence risks through a pre-determined risk treatment strategy. A control can also give you an improved measurement to understand the level of risk you are facing at any point in time.

Controls take many forms, but generally they are one of the following:

  • a process,
  • an activity,
  • a physical mechanism or;
  • a pre-set threshold

Benefits from defined controls

If you have the right controls in place then you can measure the reduction in risk exposure that they provide, versus the cost of the controls. It is one important way of measuring how well your risks are being managed. If you have set a Risk Appetite Statement and you do not have defined controls, then you will almost certainly struggle to be able to operationalise it and understand whether you are really taking acceptable risks.

Controls give you the ability to see early warning signs that risks might be about to escalate into a problem. This in turn gives you the opportunity to proactively address the risk and keep it from becoming an unacceptable issue.

When you look at this process at scale in a complex organisation it is critical to know that all your controls work to prevent risks from becoming problems, keep you within your budget and keep your staff working on building business rather than responding to avoidable issues.

For all of your risks, you need to understand what your controls are, who owns them and whether they are the right controls:

Example 1, If there is a risk of fire in a building, some preventative risk controls would include:

  1. conduct a sprinkler system diagnosis/test by a qualified technician and;
  2. conduct a regular test of the fire alarm and staff evacuation strategy.

The controls here are a physical mechanism/test and a process/activity. If these controls were not identified and the risk treatment was to simply to ‘call the fire brigade’ (transfer the risk), then the risk may quickly become an issue as a fire may have broken out, the sprinkler system may not be responding correctly, and people may be hurt before a fire engine arrives.

Example 2, If a gas compression cylinder relies on a valve handle to be closed when not in use and if the handle is not closed properly, a dangerous gas leak could become an explosion risk. Some of the preventative controls would include:  

  1. a locking mechanism on the valve handle;
  2. an indicator light (green/red) indicating that the tank pressure is stable,
  3. this may also be connected to an alarm which sounds if the tank pressure drops and the valve handle is not in the locked position.

If the ‘control’ was simply to ensure that the last person to use the tanks shuts off the valve, then there is little to prevent this from causing an incident if the person is distracted and doesn’t shut the valve properly.

Controls are important in managing your business and avoiding failure/s which could hurt your staff, customers, supply chain, finances and hard-earned brand.

Are you in control of your risk profile?

So how do I know if I am prepared and in control of my risk profile for my business? 

Some of the key questions we find many organisations – even the largest and most well managed – benefit from asking are:

  1. Do I know what the most important controls are in my organisation?
  2. Is it clear who is accountable for all of these controls?
  3. How do I know that these controls are the right controls?
  4. How do I know if these controls are working the way they should?

If you don’t know the answers to the four questions above, then you would likely benefit from an assessment of controls current state.

Click here to learn how to better understand your risk culture and make better quality decisions.

Want to learn more?

Talk to a friendly member of our team about how we can help you with benchmarked and customised risk and compliance consulting services

Latest Insights

Read all Insights
  • Employee Experience
  • Our Books and Research
    • Driving employee engagement for a safer workplace

    A study of employee engagement trends in the Asia Pacific transport and logistics industry including actionable insights to increase employee engagement for a safer ...

  • Patient Experience
    • Special Report: Press Ganey 2020 Award Winner Best Practices

    Press Ganey's latest knowledge brief acknowledges top-performing organisations, highlighting proven strategies for achieving and sustaining success.

  • Employee Experience
  • Leadership
  • Our Books and Research
    • Bring your vision to life with our range of data-driven resources

    Insync found less than half of employees are inspired. So we have compiled our best and latest research to support you!

  • Employee Experience
  • Leadership
  • Our Books and Research
    • So less than half your employees are inspired by the organisation’s vision… Does it matter?

    Insync’s not-for-profit benchmark reveals that only 46% of employees are fully inspired by the vision of their NFP employer. So why does this matter?