Risk Management Process Series: Implementation
Implementing a Risk Management Plan sounds intimidating and daunting. The good news is you have made the proverbial leap by committing to the process and simply getting started. At this point in time, you have completed a risk assessment for your organization and risks have been identified, categorized, and prioritized. The organization has determined acceptability and controls in terms of risk, based on the organization's risk tolerance. Whether the team has chosen to avoid, transfer, mitigate, or accept the associated risk, the organization is ready to implement and carry out their plan.
The steps your organization takes during the implementation process will ultimately determine the success and impact of your overall risk management plan. While each organization's final risk management plan will be specific to their needs, the plan should be fully descriptive and SMART (Specific, Measurable, Accurate, Realistic, and Time Specific). The following paragraphs highlight a few key ideas and strategies to best obtain the intended outcomes you are seeking.
Build Trust
For any plan to be successful, buy in and trust is essential for all involved. It is important for the owners (risk team, safety committee, upper management, administration, etc.) of the plan to be unified in their approach to supporting safety. Working together to support the plan will promote buy-in and support from all members of the organization, top down.
Educate Everyone on the Plan
Employee buy-in and support within each organization can be a challenge, so it is important all employees understand why the plan was formed and why enforcement and documentation is required. Consider developing a risk register or spreadsheet that identifies key areas such as description, risk control, risk response, goal, status, person identified as the owner, and other factors the organization may seem important. Be transparent by providing factual evidence from your organization and similar entities. Further, ensure everyone is aware of your current risks and risk controls.
Set Clear Expectations
Clean, clear, and concise expectations should be communicated with all stakeholders. All employees of the organization should be held to the same standard. For example, if a member’s policy does not allow portable heaters to be used, then it needs to be clearly communicated and enforced for all employees regardless of position or title.
Continuous Monitoring and Assessment
Be sure to monitor and assess risks continuously throughout the project and beyond. Celebrate successes, recognize and understand mistakes, and learn from failures through continued monitoring of the project. It is completely normal that observed outcomes may not initially be the desired outcomes. One of my favorite professional sports athletes and NBA legend Michael Jordan sums it best, “I’ve missed more than 9,000 shots in my career. I’ve lost almost 300 games. 26 times, I’ve been trusted to take the game winning shot and missed. I’ve failed over and over and over again in my life. And that is why I succeed.”
Follow-up
Finally, check your plan’s effectiveness by conducting continual periodic audit reviews of the risk management policy. Periodic audit time frames could look different depending on the level of risk associated with a given activity. Stay tuned for the final article in developing a risk management plan where the follow up piece will be examined more closely.
Please contact the Risk Management team at SDAO with any questions or for more information at riskmanagement@sdao.com or 800-285-5461.