Let's Buy Software and Start From There!
Clay Scott
Business Development Manager @ Sustain Group | Facilities Management, Asset Management, Strategic Risk Management | RMIA Professional Member
It can be quite a daunting process implementing a company wide risk management strategy. Where do you start?
In some cases you are going to have people using discrete pieces of software, paper based recording mechanisms, excel spreadsheets or even nothing at all.
It can be tempting to shortcut all the research, communicating with propeller heads and plebs and going to a vendor to buy off the shelf or verbose software and then reverse engineering the package to kill two birds with one stone.
- You get free and enthusiastic pre-sales and sales people more than willing to shape your requirements to fit the package. Free consulting to boot.
- You get a software package that resembles Risk Management and gives you a bunch of reports that "look good" and "make sense"
Shall we call this a win for all? Or are there pitfalls?
Let's go back to the start and ask ourselves a couple of simple questions.
Why do we need Risk Management in our business?
What is it that I need to do to make sure I am fulfilling the role I signed up for?
What part does software play in all of this, if at all?
What is the difference between ERM, GRC, IRM, EHS?
How do I measure success? KRI? Leading indicators? Lagging Indicators? Dashboards?
Who are the personas I am catering for?
How do I support them?
How do I support the management team, the board and the executives in their decision making process?
What is opportunity?
I can't answer those questions for you as I am just an enthusiastic software sales person, but what I can do is let you know that successful software implementations in the risk space are always supporting a strong risk profile, not the other way around.
Answering these questions will allow you to perform a gap analysis on your current process. You will then have a better understanding of your requirements, what it is you are trying to achieve. You will be less inclined to chase the shiny showy novelty items and start looking at the big picture. Effective and evidence driven decision making and opportunity exploitation.
As much as I would like to say yes we can do it, we can help you establish your context, we can help you understand your requirements, we can't, shouldn't.
Once you have established your requirement feel free to reach out to me, I will enthusiastically enable you to deliver your risk strategy. And if you need help with any of this I can point you in the direction of some pretty good professionals and thought leaders to assist you.
Please feel free to comment your experience.
Good luck
Certified IT Professional | Cloud & Infrastructure Specialist | Modern Workplace Consultant | Backup & Virtualisation Expert | IT Solutions Architect
5 年The implementation life cycle of software is dictated by the business use case and the functional/non-functional requirements. Once you know those you can select the correct software for your business. Good post Clayton. Hope your well.
founder AI
5 年Risk management is a very important work.