The coronavirus or COVID-19 presents a significant threat to all kinds of business and more to SMEs. Among the many other problems, the moves of the government to contain the public health risk may have caused a sudden fall in demand for your products or services, staff shortage and supply chain disruption.
Your business may be more fragile or cash-strapped due to lowered demand. Nobody knows how long the COVID-19 crisis will last. If the crisis is going to be a prolonged one, either the consumers will consume less or change the way they purchase. Now’s the time to activate a robust action plan to position your business to navigate the COVID–19 crisis and be ready for a rapid recovery when things show positive signs. Your risk management strategies will come in handy to help you sail through the disruption and lift you through the coming hardship.
Here are the key steps to success:
he first step is to identify and understand risks which are very unique to your business. The best way to do it is to use the existing risk management principles to make improvements as per your current needs so that you will not only weather the present COVID-19 crisis, but also get back to high performance quickly.
What are the Risks to Identify?
The biggest risk is COVID- 19. Infection to those who may be at risk may include your staff, visitors to your business facility, cleaners, contractors, etc.
Other risks may include disruption due to social distancing, plummeting employee productivity, tensed supply chains, recession, unemployment, investment pull-back and civil unrest.
Apply the principles of Risk Management to identify the risks
If you already have a risk management practice in place, you can use its principles as shown below as ready reckoners, or you can start following the tried and tested practices.
Enterprise Risk Management (ERM): Systematically helps identify, assess and monitor a wide range of risks (e.g. strategic, financial and legal risks) and the need to find mitigation strategies.
Operational risk management (ORM): Provides insights on how to catalog operational risks and associated details in a common risk repository called a risk register, and link risk appetites to business objectives which can enable assessments of risk to calculate inherent and residual risks and help in creating risk mitigation strategies.
Digital Risks: These can occur due to risks associated with enterprise technologies and third parties. During this time of COVID-19 Crises, risks can come even from social engineering scams.
Business continuity management: Covershow to plan and execute a centralized approach to business continuity and disaster recovery (DR) management across organizational functions, to improve response time during critical events, and more.
Internal Audit management: Provides insights onrisks including risk assessments and defines action plans to remediate issues and monitor them to closure.
How to Assess Risks
Steps to follow are:
The next steps in risk assessment steps include risk analysis, risk evaluation, risk communication, and risk response.
Risk assessment helps in reducing operational risks, improving safety and performance, and achieving objectives.
Depending on your industry, company size, location, and other factors, you can make a wide range of preparations. Your risk response should be driven by the decision of risk acceptance, reduction, sharing, avoidance or complete elimination of each risk.
Below are some common areas that will help you plan your risk mitigation:
After you have put all risk mitigation strategies and controls in place, you need to do auditing to check if all is working well. But during this restrictive time, you will have to adapt to remote auditing as it is a quick and efficient way to assess and minimize errors, and enable significant savings on time and effort. The use of audit functionalities on smart devices has been greatly transforming the changing audit landscape.
Whether you already have a business continuity plan or are putting a plan in place now, consider addressing COVID-19 in the plan. A continuity plan calls out the critical and time sensitive applications, vital records, processes, and functions to be maintained, as well as the personnel and procedures necessary to do so, while the entity is being recovered. It needs to have six major components: data critical analysis and data back-up plan ( DCA & DBP ), Business Continuity Plan (BCP), Emergency Response Plan (ERP), Contingency Testing Plan (CTP) and Disaster Response Plan (DRP)
Here are a few important steps to follow while creating a plan:
Despite the uncertain times we’re living in right now, with a risk management and business continuity plan in place, you won’t miss a beat. One thing that’s special about businesses that have a robust risk management plan is that they will get through the difficult COVID-19 crisis, will have a V-shaped recovery curve and bounce back faster than others.
Stay Safe & Stay Alert