The risk register is a great tool to help organisations identify, assess and mitigate risks. However for it to be an effective tool, it must be used and not just reviewed. It surprises us in our board support work how much good effort is put into creating risk registers and how little is delivered from them.

The most common mistakes we find in working with risk registers are:
  • reviewing the risks together as a topic, rather than reviewing risks as a part of critical agenda items
  • reviewing a huge number of risks, many of which are really remote and may never occur
  • not removing or lowering the priority of risks when mitigation plans have been implemented
  • adding a new project and then immediately placing a risk that the project may not be achieved
  • allowing risks to remain highly rated with no realistic mitigation
The role of board members is to seek assurance that the organisation has identified substantial risks, rated them effectively and has placed mitigation controls on the most likely with mitigation plan outlines for the less likely. A quick review of the risk register highlights and trends should provide this, together with an occasional deep dive into a specific risk.

The monthly review should focus on what risks were added, those that have escalated in priority, those that remain high risk without mitigation and those that are recommended for dropping from the register. Supporting documentation for these conditions should be provided to the board members to be read before the meeting. Board members should then ratify the register at the board meeting.

Let's look at these issues in a little more detail:
  • Reviewing the risks together as a topic. This occurs when the risk register becomes an agenda item on its own, disconnected from the critical issues on the board agenda. For example, if revenue is a problem, then risks associated with it should be reviewed at the same time as the income streams and forecasts are reviewed. If new projects are added, project risk should be reviewed with the project. The result of not doing this is that the board member loses the context within which the risk has been raised. It is not an effective use of the board members time.
  • Reviewing a huge number of risks. Overload is an obvious flaw in any management process. In a complex organisation there may be a large number of risks at any one time, however those that require board focus are limited to the most critical. We find that strong boards review many risks when there is no assurance that the management team has control of them. Otherwise the review of many risks takes focus away from the most critical. Again, this is not an effective use of board member time and indicates strengthening of management skill is necessary.
  • Not removing or lowering the priority of risks. Once a risk has been identified and rated as critical, then mitigation plans must be implemented by management. However once these plans are in place, the risk rating must have reduced by definition. The board can choose to maintain a list of critical risks that have mitigating plans in place, but this should be separate from the active register. Board members need to focus on risks that are changing.
  • Adding projects with risk of non achievement. This is a sign of management allowing imcomplete or poorly developed project plans being put in place. When a project is started, it should be assumed that risks have been identified and that mitigation activities are already built into the plan. There is always a risk that the market may move during a project plans duration and that a change becomes necessary, but this should be being managed by the project manager. The risk register should never be used to excuse poor performance or missed targets.
  • Allowing risks to remain highly rated. This is usually a sign of superficial problem solving. A common risk we see is that an IT system or a piece of equipment is becoming obsolete and there is no funding to replace it. Mitigating actions should include work arounds in the event the system or equipment fails, or other financial tradeoffs that could be made to fund replacement. Leaving the risk categorised high, with the assumption that nothing can be done but replace, does not give the board assurance that the organisational continuity is real.
The board members also have a role in contributing to the register. They represent the eyes and ears of the organisation outside and are often better placed to identify external risks than anyone else. Beyond that, there is always the risk that nobody sees coming until it hits. No matter how good the risk register, it will not help in that situation and management must be ready to adapt quickly to the new situation.

For a good discussion on four good practices to document risk, using an IT project example, see this article by Lokesh Aggarwal. The concepts remain applicable outside IT.

Also useful is this download from actuaries.org.uk discussing the level of trust we can have with risk registers.

Risk registers are powerful tools and really assist board members get assurance that risk is being monitored and actively mitigated in an organisation, but like most tools, it must be used effectively.

We would like to hear your ideas on how to make risk registers more effective too. Please comment.
Published in Fundamental Management
Sunday, 25 September 2016 19:19

Sales IS a Boardroom Issue

Is Sales a Boardroom Issue? We always thought so and felt the question was self-evident. But this is apparently not the case as more and more small to medium enterprises (SMEs) we work with demonstrate a superficial understanding of the board members role in sales. There is also a surprising lack of published research on the topic, although we do list some references below. One excellent case study can be found here. Let me share our findings and then invite you to comment on this important issue.

When we ask businesses why they do not see sales as a boardroom issue, we get answers that broadly follow these three lines of reasoning:
  • sales is included in the financials and therefore needs no further emphasis
  • sales process is the role of the Head of Sales, not the board
  • we review product performance and it is an integral part of that review
Are these plausible reasons? There is validity in what is being said, but the question to look at from a governance perspective is: “Is this sufficient?”

We find that when the above reasoning is followed by a board, the coverage of sales becomes superficial and essentially a hands-off exercise. When we compare the amount of time and focus spent on sales against that spent on cost control, we see a ratio of 1:4 to 1:5. In other words, although sales is one of only two levers management can control directly for financial success, they spend much more time on the other lever – expenses - plus risk and administrative issues where a 1:3 ratio of sales : expenses and administration would be far more powerful.

SMEs that are performing well and growing exhibit certain boardroom traits that are quite straightforward and easily copied but too often it takes a change in management thinking, or a crisis, to get these traits adopted. Sales should not be a passive issue in the boardroom.

In SMEs that are performing well, members of both the executive and the non-executive directors ask for evidence and drill down into detail on the following ten questions:
  • what is the revenue plan (by product, region etc..)?
  • what assumptions were made to create the forecast?
  • how will the forecast be achieved?
  • what risks are inherent in the forecast and what mitigating action is being taken against the risks identified?
  • what is the average, high and low in time to sale?
  • what is the average, high and low in time to cash?
  • what is the sales efficiency – sale size, effort to sell, etc?
  • what is the rate of customer losses, complaints and refunds?
  • do we have the right skills and approach in our sales team?
  • are we projecting the right image in our sales and in our sales team?
In addition to asking for detailed answers to these questions, board members should be actively involved with key customers and key accounts. By doing this, they provide themselves assurance that the sales forecast is real, that therefore decisions on growth and investment are being taken on realistic business cases. Additionally they can be assured that they will be first to find growth among their competitors. This focus is supported by coaching and mentoring their key sales people and learning how the customer wants to buy. These help assure the sales process is designed to match and can be fine tuned when a change in customer needs is detected. See this excellent McKinsey piece on understanding the customer experience here.

Even the board structure is an indicator of the level of importance placed on sales. When the board contains at least one member who has been a salesperson on the road, not a former marketing director, then it is likely to have a much more nuanced understanding of the sales forecast and how the company can take advantage of small indicators when the buying patterns have changed.

In short, directors should engage with the people and the process of sales to assure themselves of the confidence level in the forecast, that the risks are truly being managed and not just relegated to another line on the risk register and that customers needs are truly being met.

Perhaps the fact that there is little published research on this topic means it should be self-evident but actual performance in the market indicates it is not common practice. Corporate governance standards have become more stringent in recent years so it is even more important than ever the board members assure themselves of the quality of the sales process.

In future posts we will look at behaviours that are essential for boards that have key account customers and consider some powerful questions for board members to ponder, and ask. Also, we will be looking at the impact of emerging big data and artificial intelligence capabilities and how the board can benefit from them.

Having dedicated a large part of our own careers to customer experience and top line sales, we believe emphatically that sales is a boardroom issue. We welcome your thoughts as to why so many SMEs don’t pay sales the in-depth, focused attention it deserves – the attention that can accelerate their growth and protect their business success long term.
Published in Fundamental Management