- Increased wage costs
- Production inefficiencies
- Increased workers’ compensation expenses
- Inability to meet customer demand and potential loss of market share
- Inability to expand
- Decreased R&D effectiveness
In addition to the skills gap, manufacturers face numerous other risks arising from factors that include new regulations, geopolitical shifts, supply chain vulnerabilities, and environmental impacts. Added on top of that are the traditional risks that face all industries such as market risk, disruptive competitors, technology obsolescence, and health/safety risks. Collectively, manufacturers must address a larger number of risks, that change more frequently, and are more interconnected than most industries.
Patricia Van Arnum notes the degree of difficulty manufacturers face in Risk Management in Manufacturing: Does Your Company Measure Up? “Considering the complexity and velocity of risks facing manufacturers, as well as the growing importance of understanding strategic risks for the board, consideration should be given to whether it is time for a risk committee of the board. In many respects, it becomes a question of when, and not if, for manufacturers,” she states.
In the same article, however, Van Arnum also says, “93% of survey respondents indicate risk management oversight rests with the full board or audit committee. Only 2% of respondents reported having a risk committee.” Despite the fact that the industry must contend with rapidly shifting, highly complex risks, it is still uncommon to elevate this function to the level where the c-suite can actively engage in managing it.
How ERM can elevate manufacturing risk management
A flexible, objective-driven ERM program can connect the strategic efforts of the executive team with the wide-ranging risks that potentially affect the organization. Deloitte notes, “These factors demand a more analytical, a more agile, and a more clinical view of risk to effectively model the complexity and velocity of top risks and business disruptors. The evolution should focus on better use of technology, changes in the frequency of risk assessment cycles, and imbedding risk management practices within all levels of an organization. In short, risk assessment and management techniques should advance at a rate equal to or greater than the underlying business if they are to satisfy their business imperatives into the future.”
While the right technology has a large influence on the results of an ERM solution, it should not be the only focus. As we stated in Creating a Successful ERM Program: Why Ditching Spreadsheets Isn’t Enough “Technology choices are a critical component when considering how to build a successful ERM program. However, relying on technology alone, without first considering exactly the results your organization needs to achieve, is likely to lead to increased scrutiny and unmet expectations.” The first step is more basic.
Starting with the current state assessment
Before applying technology solutions to the effort, Randy Schumaker of Corporate Board Member magazine suggests re-examining the entire risk management process. “Does your current risk management process adequately provide you, your shareholders, customers and employees with all the information they need? A robust process allows you to focus on your organization’s most critical issues and assure your customers and stakeholders that your team has its eye on the right issues and is actively taking steps to solve them. A robust process is not done annually; it is a living process which captures risks as they appear and evolve.”
Van Arnum offers a list of eight questions that can help when drilling into the current state:
- Does risk have a dedicated role at the board level with sufficient time and capability?
- Does the board receive frequent updates on the effectiveness of key risk actions?
- In management, who owns risk and ERM and who should own it in the organization?
- Do the organization owners have sufficient authority and credibility to drive action on key risks?
- Is risk identification/mitigation integrated with the strategic planning process?
- Does management meet frequently enough to identify and address material changes to the company's risk profile?
- Are senior leaders held accountable for achieving commitments related to risk identification and mitigation strategies?
- Is internal audit objective to monitor the effectiveness of risk management functions?
The goal of this assessment is to determine two key points. Is your organization properly equipped to make smart risk decisions? Can the organization measure if risk controls are effective?
Demystifying ERM in manufacturing
Michael Yip, Vice President of Risk Management with DFW International Airport, recently shared with us that ERM programs do not need to be unnecessarily complicated. The core ERM process is the same one used for most business decisions: identify the options, weigh the options, reap the benefits (or suffer the consequences) of the decision. “No matter what organization you are a part of,” Yip says, “you are already doing some form of it today.”
Manufacturers have an advantage over other industries in this regard. The prevalence of KPIs and quality metrics means that the entire organization is already familiar with measurement and analysis. ERM simply takes those metrics and ties them to organizational objectives to leverage the power of insight and observation arising out of the data. The organization already uses this analytic language, ERM simply extends it further into the strategic planning realm.
Applying ERM to the skills gap
In The manufacturing skills gap: Why HR audits are good risk management, we discuss how the use of HR audits can help assess the effectiveness of efforts to reduce the skills gaps. The data from these audits can measure everything from the rate of training and internal promotion, to the length of time each critical position remains unfilled. Turnover data, pipeline metrics, salary trends, certification rates, and other metrics can be analyzed and monitored in the same manner as other quality measures.
By connecting this data with productivity metrics, safety and claims data, defect rates, and other KPIs, it becomes easier to see which HR programs are actually moving the needle, and which ones are struggling. Linking this analysis to specific objectives allows for targeted prioritization, and the ability to identify the “bang for the buck” of each risk management effort.
Create the data, but leverage the conversations
ERM is not a paint-by-numbers exercise. Effective programs require more than simple if/then statements when examining the data. The critical step is to use this data to inform the conversations that drive strategic decision making. If the new benefits package doesn’t seem to be increasing the applicant pool, what else should we try? If the new hires are three times more likely to file an incident report than a seasoned employee, how can we change that? These are the type of conversations that lie at the heart of board engagement.
Shumaker notes, “The accountability of board members is expanding daily and there are real expectations that you are not just sitting in meetings rubber-stamping the status quo. The risks of manufacturing are real, but with a robust risk identification, assessment, and mitigation process, you can be assured that you are doing your part to minimize those risks to your team, your shareholders and your customers.” ERM is a vehicle to allow the board to be most effective at minimizing risks.
The benefits of Cost of Control Analysis
While the conversations triggered by data are where the ERM program moves from academic to actionable, adding a Cost of Control Analysis can greatly enhance the process. ERM programs that include this analysis allow for competing “what if” responses to these challenges, which can then be costed and weighed next to each other. While the data connected to objectives can spur the conversation, Cost of Control Analysis can project whether the proposed solution is really worth the expense.
Delivering results
The ERM process should not be an annual exercise—draining critical resources but only producing soon-to-be-shelved reports. It should be iterative, continual, and intertwined with the strategic planning efforts. Connect risks to objectives, analyze options, make choices, measure results. Then begin again. Origami Risk can help simply that process and support an on-going, interconnected approach that delivers actionable data.
ERM can seem overwhelming, which can lead to programs that struggle to find acceptance and impact within an organization. By breaking these nebulous risks down into more basic, tangible connections with the type of data you already use, the ties to objectives can be made much clearer. And by using Cost of Control Analysis, you can give the board the type of analysis it needs to drive decisions. It is all possible, with the right, flexible ERM solution.
Get in touch with an expert today to see what right ERM technology can do for your organization.