Risk management tools
Making risk management more interconnected with IT systems
Making risk management more interconnected
In an internationally networked economy characterised by innovation pressure and geopolitical uncertainties, the demands on risk management (RM) are increasing. More than ever, it should be able to manage and control risks efficiently.
Unfortunately, a look at corporate practice shows that there is still a lot of work to be done here: The RM of companies is often too fragmented. It is run with Excel, PowerPoint, Word and Outlook - this makes the RM vulnerable to errors and ensures insufficient transparency.
Fragmented RM processes lead to wasted resources
A well-organised and clear coordination of internal and external risks within the company is not possible with such fragmented RM systems. Fragmented RM processes lead to insufficient documentation, useless complexity, waste of resources and, last but not least, unclear responsibilities. This also makes it difficult to meet regulatory requirements.
This is where countermeasures need to be taken. Modern IT systems with intuitive operation, dashboard solutions and well thought-out workflows strengthen acceptance among important stakeholders in the company and facilitate external risk reporting.
With such IT systems, risks as well as opportunities can be recorded more quickly and easily by all relevant employees. This facilitates internal coordination. When fed with internal company data, for example from finance, as well as external sources, the systems contribute to comprehensive data-based risk identification. In addition, real-time monitoring of already identified risks can take place.
IT-based RM reduces complexity and increases transparency
A practical example: At a large medium-sized company, we found that the RM was carried out with system breaks. Risk catalogues and assessments were kept via Excel and risk reduction measures were coordinated and recorded via Outlook. Reporting was then done via Word and PowerPoint. The RM process was time-consuming, costly (in terms of staff) and at the same time extremely unpopular within the company. In addition, the overall risk situation was misrepresented because interdependencies between risks were not recognised.
As a result, appropriate steps to reduce risks were not taken in time and had to be made up for afterwards at great expense. In a specific case, the RM did not sufficiently determine the risk of default of a supplier in a purchasing process that seemed harmless at first. When the supplier filed for insolvency after some time, this resulted in a loss of production and costs for replacement procurement.
We introduced an IT-based RM system suitable for the company. This allowed us to reduce the complexity of the process and increase efficiency. The implemented tool also improved reporting, increasing transparency. All relevant employees could now identify, assess, document and monitor risks quickly and easily. This ultimately led to an accurate representation of the overall risk situation.
There are many IT providers for RM systems. Which one is right for your company is often difficult to identify. The implementation and licensing costs for an IT-based RM tool can range from a mid-five-figure to a high six-figure sum, depending on the level of sophistication and the size of the company. The annual maintenance costs are usually in the low double-digit percentage range.
A criteria-based evaluation of different providers is therefore essential. KPMG supports you in the selection and implementation of a suitable IT system.