What does good risk culture look like? How do you know that your risk culture programme is in line with your peers? Is your risk culture framework as comprehensive as similar organisations?
In this article, we outline the process involved in creating a tailored solution for a Risk Leadership Network member who needed answers to these questions - but didn't have any extra budget. The solution was a peer-contributed and validated Risk Culture Maturity Framework which is now available to all members in our network.
Member challenge
“We're beginning to put together a new risk culture programme to implement across the organisation. But we're worried that our approach might not be in line with other listed organisations. Is our risk culture maturity on the same level as our peers? Has our framework covered all grounds? We don't have any budget to pay a consultant for a maturity model”
.png?width=1080&height=1080&name=Untitled%20design%20(2).png)
Risk Leadership Network member
CRO, ASX-listed technology company
Our solution - creating the Risk Culture Maturity Framework
The process
We have worked with risk culture experts and practitioners to develop the Risk Culture Maturity Framework, a practical assessment tool designed to give risk leaders a baseline to compare the strength of their risk culture against, and to help them prioritise and drive change.
How does it work?
| Organisational Processes | The effectiveness and alignment of organisational structures and processes designed to influence/drive risk culture and behaviours (e.g. via the implementation of policies, frameworks, processes, structures that set expectations and provide clarity, direction and boundaries regarding risk. |
| Intangible Aspects |
Factors that both influence and reflect attitudes, mindsets and behaviours through their impact and reflect group dynamics (e.g. via effects on norms, implicit values, ethical outlook and biases). |
|
The capability the organisation has to assess and influence risk culture and its connectivity with the rest of the organisation |
And then each dimension is broken down into a number of key "Areas" and then further into "Sub-Themes". For each Sub-Theme, we've given examples and descriptions for Immature, Improving and Optimised organisations in a 3-stage maturity framework.
Example: Organisational processes > Incentives alignment
Example: Intangible > Psychological safety & transparency
Why this is different to other risk culture maturity frameworks:
What's next for the member who raised this challenge?
We set up a series of in-depth discussions between the ASX-listed technology firm who raised the priority, and more mature organisations (in risk culture). The member could learn how CROs at these organisations had implemented risk culture improvements, successfully, within their business.
The member was able to hone in on certain aspects of their framework, learning from a risk leader who had practical experience in specific areas of weakness that they'd identified in the framework (e.g. improving escalation processes).
Harness the power of peer collaboration
Are you working on a risk priority or challenge that could benefit from targeted peer collaboration, facilitated by our dedicated team of network managers?
Book an introductory call to discover more about how we could work with you, and other tailored solutions we've provided for our members.
Share this
Five ways to boost executive engagement with risk
What metrics are organisations using to measure risk culture?