Risk management is moving quickly in an ever changing world. Even organisations accustomed to volatility and uncertainty have recently been taken by surprise at the speed of change and the increasing velocity of risk they face.
This complex landscape is even more difficult when you work in an innovative sector dealing with challenging technical development, multiple (often international) stakeholders and high security requirements. In this environment, getting a handle on risk is more important than ever.
Risk management in defence
When it comes to risk in defence, it’s about managing it throughout the entire delivery mechanism, from customer and stakeholders right down to the smallest suppliers. Successful delivery is dependent on the weakest link in the chain.
Prime contractors generally have high level of risk awareness and maturity. With good reason, as they have a lot at stake: it’s not just from the bottom line they must concentrate on, but also reputation risk and the ability to win future contracts as a recent QinetiQ analysis of major UK defence projects showed. Projects with mature risk management practices (Level 3+ on a scale of 1-4, as measured against the QinetiQ Risk Maturity Model), indicated an average schedule over-run of 4%. Whereas for projects with a low level of risk management maturity, this increases to 56%.
As scrutiny over defence procurement spend rises, so does the demand for visible demonstration of prudent management and fiscal control. In this environment, risk based decision making constantly demonstrates its value. It’s also the preferred way to address complex defence decisions, especially significant procurement and acquisition decisions.
As a result, prime contractors are increasingly expecting their major suppliers to demonstrate a high level of risk maturity to safeguard their major defence programs through early identification of schedule and cost impacts together with their treatment.
Along with improved cost and schedule outcomes, the advantage of providing openness and decision traceability are both essential for audit and review purposes, and support transparency.
What good risk management looks like
So how can your organisation ensure it is supporting good risk practices? Risk management works best when leadership teams set the right culture within the organisation – including risk appetite and attitude. With risk it’s ultimately people who make it all work so it needs to be part of defence organisations’ DNA; senior buy-in is critical to success and is the starting point for embedding it throughout the enterprise, from programme governance and supply chain to export controls and IT.
All systems need to be joined up, from stakeholder expectations and demands all the way down through the supply chain. It’s also important that risk spans the whole organisation. Modern day conflict requires a joined-up approach – a necessity for communication and management of risk.
Integrating risk across the organisation in turn fosters positive organisational behaviours, where risk management becomes part of a success mind-set:
- Understanding of the risk exposure informs better decision-taking
- People aren’t afraid to communicate bad news, instead putting forward solutions
- Proactive action replaces ‘heroic’ fire-fighting
The future of risk in defence
Risk management will become even more important to defence as it adapts to more volatility and uncertainty. In addition to the uncertain business environment caused by globalization, organisations must also deal with rapidly shifting political landscapes, emerging technologies, demographic and workforce changes. Looking ahead, risk management will become more outward looking at the project level, and take in a wider understanding of the context in which equipment is being developed. It will also need to respond to worldwide developments in real-time by monitoring risks continuously and responding in an agile way.
This change will not only be good for the way risk management can support the industry. It will deliver far more quickly to the end-user. The need for faster decision-making, requires increased forward planning, with a much more informed view of the risks that could materialise out of any snap decision that is required. Placing risk management at the centre of defence thinking will avoid unnecessary financial costs, lives lost and national security compromised.