No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Risk

Strategic Resilience Will Be Key to the Post-Pandemic Future

Most Risk Management Strategies Look in Through the Rear View, But It's Time to Focus on the Road Ahead

by Jim DeLoach
April 20, 2021
in Risk
Strategic Resilience Will Be Key to the Post-Pandemic Future

As the global economy remains in flux, most risk management strategies remain backward-looking. Risk needs to adopt strategic resilience strategies if it is to stay abreast of the inevitable changes to come.

Winston Churchill’s observation, “However beautiful the strategy, you should occasionally look at the results,” takes on fresh meaning when nearly seven of 10 directors believe they need to strengthen the resiliency of their organizations.

A National Association of Corporate Directors’ survey conducted before the onset of the pandemic noted that a large majority of directors, almost 70 percent, believe their boards must strengthen their understanding of the risks and opportunities affecting company performance. A more recent survey conducted after the pandemic had disrupted markets for the better part of a year noted that “improved oversight of strategy is more critical than ever in this period of extreme uncertainty.” These findings allude to the struggle of companies and their boards to keep pace with fast-moving market developments that create or destroy enterprise value and frustrate the achievement of performance goals if not addressed in a timely manner.

Strategic resilience is likely at the root of the directors’ concerns due to three issues. First, there is the uncertainty around the pandemic and its impact on market behavior. Second, there is the current and post-pandemic competitive environment and sheer pace of change in the digital economy. Third, most performance metrics are retrospective in nature, recording history as it occurs and focusing on the question of “How we are doing?” instead of “Where are we going, and can we get there?” Metrics not linked to critical strategic assumptions or key execution risks inherent in the strategy may not provide sufficient reaction time for leaders to focus efforts on putting the strategy back on track to deliver expected results.

Strategic resilience is the capacity to turn threats into opportunities and the ability to take advantage of opportunities in a timely, non-crisis-like manner. That kind of resilience is possible only through continuously anticipating and adapting to market trends that can severely impair the earning power of the core business and consummating needed change before the case for change becomes perilously evident – which, in the digital economy, is too late.

This is why the ex post facto characteristics of the so-called lag metrics dominating performance management systems of many companies may be a contributing factor to directors’ concerns about keeping pace with changing markets. Alone, they’re not enough. As the underpinning of perpetual renewal, strategic resilience requires more forward-looking measures to monitor performance. Lead metrics are input-oriented, offer an earlier warning of emerging issues and are more susceptible to enabling needed change.

How to Adopt Strategic Resilience Practices

When linked to critical assumptions relating to external market factors and key risks relevant to the strategy, lead metrics offer an early warning of market opportunities as well as increased or emerging risks warranting immediate attention in the C-suite and boardroom. When coupled with tolerance levels linked to performance objectives and targets, these key risk indicators provide boundaries of acceptable outcomes related to achieving a business objective – that is, they feature both the upside boundary of exceeding the target and the downside boundary of trailing the target. When these boundaries are breached, they trigger management follow-up.

To illustrate, an organization with multiple operating units uses selected strategic documents and business plans to develop a profile of the critical risks around key strategic initiatives. The profile includes risks to the execution of the strategy as well as risks inherent in the strategy. In making this assessment, management considers plausible and extreme scenarios that could invalidate critical assumptions underlying the strategy. For scenarios having the greatest impact, key risk indicators, trending metrics and other relevant information are identified to facilitate monitoring processes and, for high-velocity scenarios, the development of response readiness plans.

For example, many of an organization’s most critical risks are driven, at least in part, by the digital economy. Performance monitoring is deficient from a strategic resilience standpoint if it doesn’t address signs the business model is decaying as circumstances change. That is why directors need to concern themselves with the lack of agility in keeping pace with changing market realities, including: the existence or threat of more nimble competitors, ensuring the company has the talent needed to compete and win long term in the digital age, addressing changing demographics and demand for new skills that are altering the workplace, managing the restrictive burden of significant technical debt constricting resilient response and engaging in out-of-the-box thinking about the business model’s continued relevance.

After confirming the risk profile with the executive team, conceptual alternatives for reporting on strategic execution are evaluated and an approach selected that addresses several objectives:

  • Provide transparency into strategic execution risks;
  • Augment quarterly strategic reviews to enable timely action to address risks to achievement of strategic goals and keep the company on track with strategic milestones;
  • Identify signs of stress on the business; and
  • Supplement the CEO’s periodic strategy updates and discussions with the board.

Based on the strategic risk profile, potential metrics are identified, with an emphasis on lead metrics. Not intended to replace the lag performance metrics currently in place, lead metrics are focused on trends and warning signs that the business model may be under threat from alternative offerings, losing its grip on customer loyalty, facing displacement by emerging technologies or impacted by other external factors affecting critical assumptions, indicating the strategy may be losing steam.

Working with owners of different aspects of the strategy, recommended metrics are reduced (by as much as 60 percent) to the vital few. Criteria such as availability, relevance (to strategic risks), criticality (the most important indicators) and practicality are considered in this process. With respect to availability, emphasis is placed on using metrics that already exist either formally or in shadow systems. With respect to criticality, less is regarded as more. As for practicality, the standard adopted is that a metric’s insights must merit its development costs.

Using these criteria, the metrics are narrowed down to a family of measures that are either currently available or can be tracked at reasonable cost. Working with key process owners, tolerances are developed to provide the foundation for a scorecard or dashboard that tracks whether actual performance is meeting or exceeding the target, short of the target within tolerance limits, or badly missing the target.

The metrics and underlying thresholds are used to develop indices for various risk categories to trend quarterly for use in communicating with the executive team and board. Trending reports should help answer three questions:

  1. Are we riskier this quarter than we were last quarter?
  2. Are we entering a riskier time in delivering our strategy?
  3. If so, why?

Because the indices are based on risk metrics, drill-down capability is available to answer the “why” question. The result is a reporting framework providing early warning alerts of increasing risk exposures or potential opportunities, indicating the need for management action.

The following questions apply to every organization and represent the ultimate measure of strategic resilience:

  • When the company’s fundamentals change, which side of the change curve will it be on?
  • Will it be facing a market exploitation opportunity or the need to react to a crisis precipitated by an obsolete strategy?

Time advantage is attained when the organization obtains knowledge of a unique market opportunity or an emerging risk. More important, it creates decision-making options for the company’s leaders, enabling them to act before that knowledge becomes widely known in the market. Using forward-looking reporting linked to the strategy, companies are able to function as “early movers” and see change on the horizon as a potential market opportunity rather than a looming crisis.

Questions for Executive Teams and Boards

Following are suggested questions senior executives and boards of directors may consider, based on the risks inherent in the company’s operations:

  • Are we assessing the company’s execution of strategy in a comprehensive manner with a forward-looking discipline linked to critical strategic assumptions and risks? Are strategic execution monitoring and actionable early-warning capabilities in place that inform management promptly of new market developments?
  • Are these capabilities working effectively to inform strategic decision-making? Is management setting the tone for strategic resilience through actions and words emphasizing the importance of improving digital readiness, staying close to the customer with focused data analytics, keeping an eye on relevant market trends, organizing for speed and embracing change? Is the tone in the middle aligned with the tone at the top?
  • Would we characterize the company’s decision-making processes as “high-velocity, high-quality?” For example, does the process keep things simple, flatten the organization and emphasize taking appropriate risks, failing fast and listening to feedback?

Tags: Business Continuity PlanningRisk AssessmentRisk Management Frameworks
Previous Post

Passageways Announces Bold New Brand Vision for Leading Board Management Platform OnBoard

Next Post

A-LIGN: Compliance Programs Overwhelmingly on Track Despite Pandemic

Jim DeLoach

Jim DeLoach

Jim DeLoach, a founding Protiviti managing director, has over 35 years of experience in advising boards and C-suite executives on a variety of matters, including the evaluation of responses to government mandates, shareholder demands and changing markets in a cost-effective and sustainable manner. He assists companies in integrating risk and risk management with strategy setting and performance management. Jim has been appointed to the NACD Directorship 100 list from 2012 to 2018.

Related Posts

ai policy

Planning Your AI Policy? Start Here.

by Bradford J. Kelley, Mike Skidgel and Alice Wang
May 7, 2025

Effective AI governance begins with clear policies that establish boundaries for workplace use. Bradford J. Kelley, Mike Skidgel and Alice...

business relationship concept hands

Relationship (Owner) Goals: Why Half Your TPRM Red Flags Stay Hidden

by Chris Audet
April 9, 2025

The front-line staff who manage vendor relationships are uniquely positioned to spot problems before they escalate, yet many organizations fail...

cute robot looking at financial volumes

AI’s Dual Role in FinServ Risk Management

by Nalini Priya Uppari
March 28, 2025

As technology evolves, so do the tools that help banks and investment firms maintain stability amid uncertainty

mineral mining operation

Why Critical Minerals Demand a Compliance Revolution

by Rebeca Vergara Gaona
February 11, 2025

Corporate compliance lessons could help strengthen intergovernmental mineral agreements before problems arise

Next Post
A-LIGN: Compliance Programs Overwhelmingly on Track Despite Pandemic

A-LIGN: Compliance Programs Overwhelmingly on Track Despite Pandemic

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights