We’re still in the midst of one of the largest risk events in generations, which not only exposed the holes in many companies’ risk management strategies, but underscores the need for continued work on their plans.
For years, risk management plans might have mentioned a “pandemic” in jest as an example of why having a detailed plan is necessary, but when Covid-19 struck, most programs probably saw that their strategies did not in fact address such a risk. While we’re still dealing with the fallout of Covid-19, program managers need to keep their risk management strategy current, which means establishing and executing a deliberate risk mitigation strategy. This should be then updated on an annual basis.
Risk management strategies need to cover an array of risk issues that can range from the frequently addressed legal, misclassification challenges to operational hazards, brand reputation threats and data integrity management complications.
The key strategies for choosing an appropriate mitigation plan and response to CW Program risk are:
- Identify your risk events based on your CW program and organization objectives;
- Assess trade-off of business benefit and risk by understanding probability of occurrence and overall impact;
- Establish informed mitigation and response plans if a risk event were to occur; and
- Monitor and control the performance of your risk management strategy.
Inventory your risk. Formalizing an effective risk management strategy requires inventorying all the risks your program will encounter. SIA has identified five common areas of risk for CW programs: strategic, operations, compliance/legal, reporting and safeguarding resources. Additionally, a less-commonly discussed area is personal risk (for the CW program leadership). While news headlines might fall within the “compliance/legal” risk component category, the others need to be addressed in an effective and mature CW program risk management strategy.
SIA’s Risk Assessment Framework methodology offers a straightforward approach to organizing your program’s risk management strategy. The methodology comprises the following aforementioned critical steps: event identification, risk assessment and prioritization, establishing risk mitigation and management response, and ongoing risk performance monitoring and control.
Build the strategy. Once you have inventoried your program risk across the comprehensive risk portfolio categories outlined above, you need to document your strategy and detailed plan on how each of these risk categories/individual events are going to be managed. Remember, effective risk management is not to eliminate all and any risk exposure; that would be too financially burdensome and operationally restrictive. The most effective, balanced approach is to measure your organization’s risk tolerance profile and build a plan that meets that guideline in each of the risk categories mentioned above. It’s important to note that each risk category will contain multiple risk event elements.
Once individual risk events are assessed and measured in terms of probability and impact, specific action plans can be designed to address them; these could range from sharing the risk with capable partners to ultimately avoiding and reducing the risk through strict mitigating policy guidelines, insurance coverage and other methods. SIA’s Risk Assessment Matrix tool (pictured) can help you assess and build a risk mitigation strategy for your CW program.
At the very least, you should know what your plan of action is if and when a CW program risk event occurs. You should have an organized risk response plan that has been pre-designed to address the consequences of a risk event occurring. At a high level, some of those response strategies can be:
- Acceptance. Accept the risk as a cost of doing business.
- Avoidance. Take actions to avoid the risk or stop the risk situation completely.
- Reduction. Find ways to reduce the impact of the risk event.
- Sharing/Offloading. Mitigate risk through use of insurance, indemnification or other means.
This four-step management framework can help you choose an appropriate risk management strategy for your CW program.
Don’t over-medicate. But a critical thing to remember is to understand what real risks exist; build a plan to manage/respond to them, and avoid implementing errant program policy burdens that have no meaningful effect on mitigating risk challenges and ultimately leave one’s CW program at a distinct competitive disadvantage in the marketplace. Yes, a CW program can be over-medicated with a burdensome risk mitigation plan that makes it almost impossible for critical stakeholders such as engagement managers, staffing partners and contingent workers to perform in a high-quality competitive manner on behalf of CW program’s goals and objectives.
Risk assessments should be a routine, annual part of a program’s processes conducted with input from internal risk experts within your organization. Key supply chain partners such as VMS and/or MSP partners should be included as well. MSP solution providers are taking steps to enhance their strategic relationship value with clients; leading the establishment and ongoing administration of a CW program’s risk management strategy would be a powerful strategic value to provide.
Risk mitigation and management strategy is one of the most sought-after and important content areas of SIA’s CCWP certification program. Find more information about the certification program online or email Stephen Clancy at firstname.lastname@example.org. New CCWP class dates are published monthly.