By the OGJ Online Staff
HOUSTON, Nov. 2, 2001 Terrorist attacks in the US underscore how much risk has changed in the past decade and how corporations must responding accordingly, James Wiegner, manager director of Rolls- Royce PLC’s power generation unit, said in Houston Friday.
Companies once identified risk as primarily such basic issues as property risk and fire and theft. Today, the list has grown and it still growing to include corporate governance, extortion, terrorism, environmental liability, political risk, and finally, e-age risk. Risk management has become a bottom line business.
But in the final analysis, Wiegner said there are two types of corporate risk: it’s in the plan or not in the plan. Rolls-Royce, with a long history of producing jet engines, has established a “risk register,” assigns an owner to each risk, and how it will be identified.
So-called gates are also established which require go or no-go decisions. Going through the gate requires a solution. If there isn’t one, he said, it means walking away. Risks can be insured, passed to consumers, or passed back to vendors, Wiegner explained.
“No one wants a surprise,” he said. “No one wants to show up on the front page of the Wall Street Journal or Financial Times because of something we blew,” he said. At Rolls-Royce risk management includes protection of the corporate reputation, profits, global image, and shareholder interests.
The importance of identifying, assessing, and managing risk was driven home after scandals, involving media baron Robert Maxwell, who looted company pension plans in an attempt to prop up his debt-ridden businesses, and rogue trader Nick Leeson, who helped bring down Barings Bank, London, shook London’s financial district.
Those episodes drove home the point company officers can “be held personally liable,” Wiegner said, when things go wrong on their watch. When risks materialize, processes must be in place to manage them until they are resolved, Wiegner said.
Such processes can’t be discrete and separate activities from other management activities. “Management involvement and buy in are essential,” Wiegner said. While still not science, if risk can be measured, it can be managed, he added.