The first question should NOT be about your strategic risk compass. The most important question is, why did you get lost in the first place?

Our understanding of the strategic risk landscape is changing and as the pace of change accelerates its perhaps understandable that managers don’t always keep up. A depletion in the organisation’s way-finding skills can result in it getting ‘lost’. This can simply be due to a lack of situational awareness and an inability to recognise the landmarks and warning signs which other organisations invest so heavily in.

Coupled with the pace and sophistication of response which is now required, this can easily lead to the organisation finding itself off course and not at all where it intended to be.

How to get ‘un-lost’.

So, how good is your risk compass and do you have the skills to use it? The fact that you’re lost suggests a deficiency somewhere along the line.

Is your compass calibrated to risks which are truly strategic – ie those related to your business plan and your approach to its execution – or does it remain sensitive only to more traditional risk categories such as compliance and finance?

Do you have an effective model or framework through which to request, receive and digest risk information? For example, what did you actually ask for in respect of assurance, or was it the case that internal audit simply presented you with an output they felt comfortable explaining?

Insightful assurance can be invaluable, helping management make better-informed decisions. Strategic risk assurance provides insight specifically in respect of the gaps between perception and reality and helps management capitalise on risk and gain competitive advantage.

It’s highly likely that some (or even all) seniors within your organisation view risk management as simply an administrative exercise aimed at compiling and managing a list of risks, and doing so in glorious isolation from the real demands of the business.

Perhaps this is why you got lost.