From a risk management perspective, digitalization will present unprecedented new challenges. It will take discipline – seven disciplines to be precise – for organizations to get a handle on these risks.
Organizations are embracing transformation in a big way. And for good reason since - in a world where the cloud, social media, the Internet of Things, and mobile technology are the major forces driving demand and customer expectations - it’s not a question of “if” digital transformation is needed but “how” to realize it.
Like CIO Magazine recently said in its article, The Seven Disciplines of Digital Transformation: “A business today can no more compete without digital transformation than an elite athlete can compete without the highest levels of fitness.”
But with digital progress comes digital risks. Digitalization is not only creating new and higher levels of risk; it’s creating completely new types of risk. Successful companies will be the ones that cannot just take advantage of the valuable opportunities of digital transformation, but are also able to quickly address and manage the rapidly evolving risks.
So let’s have a closer look at the seven guiding principles for digital transformation. Are these guiding principles also relevant in the context of managing risk? I believe they are.
- Transformation: Streamlined processes orchestrated across multiple systems.
This is all about carefully planning and executing a digital transformation plan which is derived from a clear digital transformation strategy. Is this relevant for managing risk? Absolutely! Connecting risks to strategic objectives and making sure that risks and appropriate mitigation strategies are taking into account when designing as-is and to-be architectures -both from a business and IT perspective- is critical.
- Integration: Consistent connectivity across all IT operations.
This relates to breaking down siloes so that transformation can occur. From a risk management perspective this is key since the siloed nature of most GRC software solution implementations today is actually blocking the cross-organization collaboration between risk, compliance, audit, security and so on, that is required to get at the root of the risk issues and the true emerging risks that will impact organizations in the future.
- Data: Accounting for expanding data models across myriad systems.
Too often disconnected, siloed data in multiple systems is hampering the ability to aggregate risk data and provide full insight into the risk exposure an organization is facing. The data discipline is key to understand and articulate an organization’s total risk exposure in relation to a given strategic objective.
- Visibility: A real-time understanding of the entire business that enables quick response to challenges and opportunities.
This refers to visibility of data moving around the organization now and the ability to rapidly respond to business insights based on real-time dashboards, rather than the traditional risk and audit reports showing how bad things went two months ago. Real-time visibility is critical in order to be able to make the right (risk-based) decisions at the right time.
- Applications: Controlling and automating processes that span multiple applications and systems.
This means rapidly developing and deploying applications on top of your platform. In order to follow the pace of digitalization, risk management needs to become more agile. Rapid development of new risk management applications on your own digital platform makes firms faster–instead of relying on vendor build one-size-fits-all risk management solutions.
- Scale: Leveraging Big Data for business benefits with processes that are driven by sophisticated analytics.
Today, a vast amount of data is available and accessible to organizations. In-memory data solutions are key to leveraging all new information – for instance, granular customer-payment and spending behavior, social-media presence, and online browsing activity—in risk decision making. Accessing external, unstructured data offers substantial upside not only for better risk decisions, but also for early warning systems, detection of financial crimes, prediction of operational losses, etc.
- Connectivity: Easily sharing data both internally and externally in order to improve overall efficiency.
Risks do not necessarily stop at the boundaries of an organization, so being able to easily, consistently, and reliably connect to external partners, vendors and/or suppliers is a critical enabler for managing risk across the value chain.
Risk management needs to follow the pace of digitalization and the seven disciplines of digital transformation illuminate the path! What are you waiting for?