Risks are part of being an entrepreneur like drooling trousers are part of being a dog owner – you may not find it beautiful, but you have to be able to endure it. What can you do to still sleep soundly and be as prepared as possible?
Crises can affect any company, no one is immune from them. It is all the more important for managing directors and executives to recognize risks and develop mechanisms to counter them. You can find a few tips here!
1. Deal with potential risks instead of suppressing them
One thing is clear: not every company can pay its own risk management team that deals exclusively with the identification, analysis and quantification of risks on a daily basis. But that shouldn’t lead to ignoring the topic.
On the contrary: at least management and executives should regularly deal with the risks that could affect their own company. It helps to first break down which types of risks are fundamentally differentiated – for example, market, credit and valuation risks, operational risks, business risks and legal risks. As soon as you take a closer look at what this actually means, it often becomes clear very quickly where possible problems lie – from hacked CRM to total failure of the supply chain.
It is important not to simply leave identified risks as such, but to consider how one can and wants to deal with them: Can the realization of the risk be avoided, for example? And if so: is the effort adequate? Or can you protect yourself against the risk – for example by taking out appropriate insurance? Or can measures be taken that at least mitigate the effects? All of these considerations should be made and documented on a regular basis.
Of course, you can’t prepare for all eventualities, and in the end, sometimes the very things that you least expect will happen. But: Risk management is a continuous process that, in the best case scenario, does not start when your company is already in the middle of a major crisis. In this respect, the following applies: the more scenarios you think through, the better you are prepared for an emergency.
2. Work with clear and measurable goals
A risk is not an event. Rather, it is the effects of an event, a development or a circumstance that could endanger your company achieving its goals. In order to be able to assess whether a situation could become a risk for your company, you first have to be able to say what your company’s goals are. You need a clear vision that has been broken down into measurable, clear goals and thus can also serve as a strategic guideline for all your decisions – especially in the event of a crisis, when there is already enough chaos around you.
3. Know your numbers inside out!
You don’t know out of your head how high, for example, sales were in the last quarter, what costs (fixed and variable) you incur every month and how high your workload is right now? Then you should check it out urgently! You can only control what you know – that’s why you should always have an eye on the key figures that are particularly relevant for your company. If something is not going in the desired direction, you should also know where and from whom you can get more detailed insights.
4. Keep reflecting on the strengths and weaknesses of your company
There are sure to be things your company is particularly good at – making customers happy, for example. On the other hand, chaos may break out regularly in accounting. Being aware of this has several advantages: On the one hand, you can better identify and assess risks. In the example mentioned, liquidity bottlenecks due to invoices being sent far too late would probably be a much more likely scenario than customers who suddenly move away in large numbers. On the other hand, it also gives you clues as to what you can build on if your company actually slips into a crisis. But don’t forget that your company is not a static structure, but is constantly developing.
5. Get to know the workflows and workloads of your employees and think about what is really business-critical
As with your figures, the following also applies here: What you don’t know, you can’t manage. Then you cannot prevent internal processes themselves from becoming a risk (for example because legal regulations are not adhered to). You do not know how external changes in the environment affect your company and its processes and therefore you may not recognize impending risks. And in an emergency, you cannot identify which processes and positions are business-critical and how you can keep them functioning by skillfully restructuring the existing structures. Therefore: take a look!
6. Be aware of addictions
No company can exist in isolation – you are always directly dependent on other actors. To your customers. On suppliers. To IT service providers. If necessary, on logisticians. The list can be expanded extensively in many cases. What does this mean for your risk management? That if you want to act with foresight, you also have to keep an eye on the environment of your partners and customers. What developments are there and can they then indirectly pose a risk for you?
Trust your employees and give them the opportunity to openly express concerns about possible risks. (Photo: Shutterstock / Wayhome studio)
7. Empower your employees and ensure an open communication culture
Encourage your employees to take personal responsibility and understand their work as an essential part of the company’s success. Of course, you should approach them with appreciation. Employees who are attentive and motivated, think along and act consistently in the interests of the company, will recognize internal risks much faster and better than those who stoically work through the tasks assigned to them. And if, against all efforts, your company does get into an awkward position, you will hopefully have a loyal, intrinsically motivated team that does not immediately throw its hat, but instead tries to pull the proverbial cart out of the mud. Trust in the expertise of your employees and create an atmosphere In which we speak openly and sometimes constructively and critically – regardless of hierarchies. Perhaps your employees see risks that you were not aware of or have good ideas on how to prevent or mitigate the realization of a risk.
8. Don’t forget your IT
If the keyword IT is used in the context of risk and crisis management, most people first think of IT and data security. Of course, nobody wants a hacker attack or a data protection breach due to faulty software configurations – after all, there is a risk of damage to the company’s image and legal consequences. But that’s not the only aspect you should take a closer look at your tech setup. Fail-safety and performance / scalability are also important. After all, you don’t want your website to collapse under every unexpected surge in traffic and miss out on valuable sales. You should also examine the flexibility of your tech setup at least as thoroughly. If you take the previous points to heart and evaluate various risks, you will probably come to the conclusion that that there are very many situations that could put your business under stress – with varying degrees of probability and varying effects. You will not be able to plan the perfect solution strategies in advance for all these situations. However, it helps if your IT setup is flexible and can be quickly adapted to new requirements – for example, if suddenly – like now during the corona crisis – more and more processes have to be digitally mapped. Microservice architectures usually offer you more options to react quickly than monolithic software. You will not be able to plan the perfect solution strategies in advance for all these situations. However, it helps if your IT setup is flexible and can be quickly adapted to new requirements – for example, if suddenly – like now during the corona crisis – more and more processes have to be digitally mapped. Microservice architectures usually offer you more options to react quickly than monolithic software. You will not be able to plan the perfect solution strategies in advance for all these situations. However, it helps if your IT setup is flexible and can be quickly adapted to new requirements – for example, if suddenly – like now during the corona crisis – more and more processes have to be digitally mapped. Microservice architectures usually offer you more options to react quickly than monolithic software.