By: Robert Avsec
What is organizational risk and why should you work to “make it go away” in your department? Today, many companies have adopted a regiment to analyze all the risks they face collectively, rather than individually or in segments. A new term, enterprise risk management (ERM), has become the most popular way to describe this systems approach to reducing organizational risk.
In organizations that practice ERM, the leadership takes the various aspects of risk and places them side by side so that managers can seek how risks affect the organization’s overall health. The following photo provides a useful “connecting of the dots”:
Related Post: The Evolution of Enterprise Risk Management
Types of Organizational Risk (With some examples of each, but by no means everything)
- Operational liability arising from line-of-duty deaths and injuries in training and response situations arising from outdated equipment and techniques or lapses in judgment and oversight;
- Legal liability arising from vehicle incidents in which third parties are injured or killed;
- Financial liability when an officer of the organization is found to have embezzled $145,000 from departmental financial accounts;
- Governance and financial liability arising from questionable trips and purchases under the guise of fire training; and
- Compliance liability arising from failure to follow rules, e.g., NFPA 1403, for conducting live and simulated training.
Follow the “Trail”
Individually, any of these sources of liability are “bad news” for an organization, and collectively they can inflict more substantial damage (can you say “synergistic affect”?). See how these couple of “pieces of the puzzle” can fit together:
A female member of the organization files a complaint with Equal Employment Opportunity Commission (EEOC) in which she claims that she’s been a victim of on-going sexual harassment in the form of a hostile work environment. (For the sake of brevity, the EEOC found the complaint to have merit and ruled in favor of the complainant).
So how does this case reflect organizational risks? Let’s take a look:
Compliance risk. The EEOC agreed with the complainant that everyone in her chain-of-command was guilty of non-compliance with city and departmental policies and procedures regarding the prevention of sexual harassment in the work place.
Financial risk. The city’s Legal Department and Human Resources Department had to spend time and resources researching and responding to the inquiries of the EEOC. The Fire Department had to spend time and resources researching and responding to the inquiries of the EEOC.
When the complainant–who had been terminated 10 months prior to the EEOC’s finding–was given back pay, plus interest, and given her job back, the city incurred a very big, and un-budgeted “bill” that required payment. Same goes for the fine that the EEOC assessed against the city for its EEO compliance failures. (These unfunded financial liabilities had to come from somewhere else in the city budget).
Legal Risk. It seems like the only group of people who come out of situations like these are the lawyers involved. Not only are there the financial aspects (the city paying for legal representation to supplement its staff), but there’s the risk of additional litigation involving the city if, and when, additional sexual harassment complaints or lawsuits come forward as a result of the attention focused on this case. (Not to mention, that a successful outcome for the complainant, as in this case, can be a positive motivator to others who may have been fearful of coming forward.)
Operational Risk. With all those unfunded financial liabilities being paid from the city’s operational budget, the “ripple affect” is likely to have some negative impact on the city’s ability to provide the necessary services to its citizens.
…And all of these present serious reputation risks that can hurt a department’s ability to raise money, gain support for projects or attract quality candidates. What Fire and EMS organization anywhere needs to take that kind of “hit”!