As Chief Resilience Officer, CROs will play a more strategic role, looking beyond risk to trust and how the sea of challenges ahead can be reframed as opportunities to reimagine or transform the organization with renewed purpose and vision to generate long-term value.
Changing the ‘R’ in CRO from risk to resilience
As organizations shift their focus from risk to resilience, the role of the CRO will need to change with it. As Chief Resilience Officer, CROs will play a more strategic role, looking beyond risk to trust and how the sea of challenges ahead can be reframed as opportunities to reimagine or transform the organization with renewed purpose and vision to generate long-term value.
There are several examples of companies that have reimagined themselves over the years to respond to disruptive forces and prevail to sustain their competitive advantage. In the Netherlands, DSM began its organizational journey more than 100 years ago as Dutch State Mines, a coal mining company. When the Netherlands began phasing out coal as a major fuel source, DSM saw an opportunity to reinvent itself as a chemical company. More recently, based on new global environmental shifts, it has transformed its organization again as a life sciences company.
By its own admission, Nokia has been “adapting to the needs of an ever-changing world for over 155 years.” From its roots as a paper mill, Nokia has repurposed and reimagined itself several times over, remaining resilient through ever-changing times. In the 1990s, its name became synonymous with mobile phone devices. When the competition in that market became fierce, Nokia pivoted again, expanding its market focus to telecommunications networking. The company is now positioned to be an industry leader in the transition to 5G wireless technology.
A risk can be an opportunity an organization saw too late.
In the wake of COVID-19, and with primary forces pushing a host of disruptive megatrends forward at a rapid clip, every global organization will need to reimagine their futures by identifying opportunities before they become risks, and managing risks before they become catastrophes in ways that build and sustain stakeholder trust. A Chief Resilience Officer can help to lead the way.
Three steps Chief Resilience Officers can take to reframe the future of their organizations
Here are three ways Chief Resilience Officers, with the support of the rest of the C-suite and the board, can reframe the future of their organizations.
1. Reimagine enterprise resilience
Trust is the primary currency in today’s uncertain world. Customers, employees, suppliers, partners, shareholders, regulators and governments need to feel as if they can trust the organization they’re buying from, working for or with, investing in or overseeing. All stakeholders want to have confidence that no matter the disruption, the organization has the agility and resilience to thrive in the long term. Trust will only be rewarded to organizations that have robust resilience built into their organizations.
Yet, organizations tend to think about resilience as a blueprint for getting through a crisis. Once the crisis is gone, they revert back to the old way of doing things. It’s time to reimagine resilience in the context of anticipating and identifying opportunities to grow before they become risks, and having the agility to respond to and mitigate the risks before they can have a shattering impact on the organization.
EY’s Trust by Design (TxD) framework offers a practical approach for building a resilience program that reaches for the opportunities while considering the upside, downside and outside risks. Considering risks across these categories is a first step. As its next step, organizations need to build a resilient infrastructure that uses data and technology to remove human bias and provides insights and transformative mechanisms that can signal when a Grey Rhino is starting its charge. Today’s cloud-based technology framework, combined with artificial intelligence (AI), machine learning and advanced analytics, opens up a new world of possibilities to unlock a powerful source of information at speed and forecast future scenarios.
At the same time, organizations will need to nurture a transformative and agile culture and develop a talent management framework that ensures they have the right people with the right skills in the right places.
With sensors in place to detect the weak signals, organizations can implement practices and controls that allow them to act early to either prevent or minimize the impact of emerging risks, even as their transformative culture enables them to pivots to seize the opportunities that can help the organization grow.
Questions for the C-suite
- How do we act upon weak signals, aligning the increase in the organization’s intensity to the velocity of the underlying risk?
- How do we balance building resilience “storage” while remaining lean and agile enough to respond to emerging risks?
- How do we create insight and foresight in the dynamic risk landscape we are dealing with to optimize our responses?
- Do we have the right digital capabilities to embrace real-time and forward-looking risk insights?
2. Embark on a trusted transformation
While building resilience and getting the strategic opportunities in sight, organizations can redefine their purpose and vision with a focus on long-term value creation. For most organizations, this will require a significant and complex business transformation. Yet, this is exactly where boards and CROs are struggling. Our research suggests that seven of 10 major strategic transformation programs fail to realize their intended business benefits. And the cost of that failure is increasing.
As boards and C-suite executives feel increasing pressure to successfully deliver large and complex transformation programs, they would do well to pair their business transformation with comprehensive program risk management. EY refers to this as “trusted transformation.”
Trusted transformation for long-term value creation combines business transformation anchored by three drivers that put humans at the center, deploy technology at speed and innovation at scale, with program risk management that emphasizes transparency and control as part of a positive organizational risk culture. By embedding transparency and control from planning until closure in a project lifecycle, organizations can better understand the project risk profile and complexity, bring together program risk, quality, benefit and performance management to help management make well-informed decisions, and articulate the benefits and value delivered.
Questions for the C-suite
- How do we redesign our purpose, long-term value proposition, business strategy and associated risk awareness with our business ecosystem in mind?
- How do we instill trust in the new technologies our organization is implementing, and the processes and information we’re using to make key decisions?
- How can we build and maintain trust with regulators, investors, clients and third parties while addressing the current pace of change?
- How are we fostering continuous transformation?
3. Sustain resilience through actionable insight and assurance
To sustain enterprise resilience, organizations need to demonstrate to their stakeholders that the actions they have taken will stick. This means implementing the internal controls and ERM protocols necessary to manage the upside, downside and outside risks, not only within the organization but across the ecosystem.
It also means using trusted intelligence from within and outside the organization to monitor, capture and evaluate market trends that can be used for future-back scenario planning. When an opportunity or risk emerges, organizations can put it through the lens of reimagining enterprise resilience and the cycle begins again, thereby creating a virtuous circle of resilience and long-term value creation that stakeholders can trust.
Questions for the C-suite
- Are we getting the factual insights on risks evolving in our business ecosystem?
- Are we able to objectively analyze and project these insights into our resilience operating model
- Do we have the right agile governance and risk culture in place to act decisively and sustain organizational resilience?
- Do the data technologies we have in place provide trusted intelligence that can compensate for the human bias when our people are confronted with the emotional impacts of disruption?
The future of business depends on resilience and trust
With some exceptions, organizations were unprepared for the catastrophic event that emerged in early 2020. While it’s easy to blame the CRO, risk wasn’t their responsibility to shoulder alone. Further, in a future where significant outside risks move from outliers into the mainstream, managing risks isn’t going to be enough.
Organizations will need to reframe their futures, and the role of the CRO, in terms of reimagined resilience, trusted transformation and actionable insight and assurance. Stakeholder trust and the future of business depends on it.
Summary
In the wake of the COVID-19 pandemic, many CROs have been facing questions asking why they didn't see this coming. It's prompted many to observe that the role of the CRO should now be that of Chief Resilience Officer rather than Chief Risk Officer. With the support of the rest of the C-suite, Chief Resilience Officers can reframe the future for their organizations by: reimagining enterprise resilience; embarking on a trusted transformation; and sustaining resilience through actionable insight and assurance.
