By Barry Greenhut and Julie Lev, Oracle
Businesses routinely take risks to innovate, grow and compete. But today’s reasonable risk can become tomorrow’s misfortune, so businesses track their risks and mitigate them when needed. That practice has come a long way since its first formalization outside of gambling and finance, when in the mid-1950s it became a way to optimize factory production.
In today’s digitally driven global economy, risk management has transformed into a strategic practice for supporting growth and agility while maintaining control. That’s especially significant when planning for post-pandemic expansion; as our global economy recovers, opportunities are everywhere, and each comes with risks.
Before, during and after a big move—a merger, acquisition, spin-off, new product or service, to name a few—it’s vital to consider risk in every step along your path.
The blazing pace of our digitally driven economy also demands risk intelligence: the real-time assessment of the enterprise’s risk functions and strategies.
When risk intelligence is built into business applications and processes, it extends the reach of risk management practices to every corner of the business and enables a risk-aware culture. It scales with growth and other changes—for example, new people, processes, and markets.
It embeds your organization’s risk knowledge and controls into business processes and workflows. It eliminates time and data gaps between your core business applications and risk management automation, so your people can make faster risk assessments and responses, and know they have the most current information.
Another advantage is the option to embed control enforcement and continuous analysis into your business processes. That means more controls are automated, and more insightful data is available, ensuring that critical processes (such as onboarding new employees after a merger) are secure and audit-ready.
Efficiency improvement is another key benefit. Risk management automation that’s already built into your business applications provides faster collaboration, better coordination of responses to potential problems, and better governance overall.
By contrast, non-native or “bolt-on” automation moves risk information to silos outside your business applications. Data security becomes harder to manage and enforce, and less likely to be consistent with your standards. It can also lead to inconsistent data between one system and the other, and duplication and exposure of this extremely sensitive business data.
In addition to scalability and efficiency, risk intelligence lays the foundation for finance leaders to make big moves (like M&A) with more confidence. For example, Oracle Fusion Cloud Risk Management and Compliance helps leaders assess how influxes of new employees will impact compliance and controls, based on intelligence about how they’ll use the system. If something is found to be out of compliance during the transition period, Oracle Cloud Risk Management automatically alerts process owners, so they can quickly identify the issue and address it.
This is a powerful advantage because it gives leaders a depth of risk knowledge that they haven’t had in the past, helping them better weigh the upside of opportunities against the risks.
Once you have the necessary technology and resources in place, three steps can help you have a successful start:
Get intelligence on your most significant risks first—perhaps by identifying a well-defined financial compliance project (e.g. SOX)—to gain quick results and boost confidence in your strategy. Use that project to identify the people and processes that play critical roles in strong risk management and risk-based decisions.
Start priming your organization with a centralized risk repository. Gradually eliminate manual, spreadsheet-based, ad-hoc processes. Bring together finance, supply chain, and HR processes for well-integrated risk management.
Continuous monitoring gives advanced protection against non-compliance and fraud. It lets you have a real-time dashboard of risk management activities and control effectiveness within your organization, so you can quickly spot and fix potential issues. Continuous monitoring also provides records of system transactions, making audit faster, less laborious, and more automated (to learn more about that, see our post on lightening the load of external audits).
A risk intelligence framework helps you choose new growth opportunities with greater confidence and execute them safely. The value compounds over time as your enterprise grows more risk-aware and audit-ready, day by day.