Where does the coronavirus fit within business risk management strategy?

As you will have no doubt seen or heard over the past month or so, the world is currently in the grip of a coronavirus pandemic. As the time of writing (March 2020), Italy has gone into complete lockdown, Spain has closed its parliament, major sporting and business events are being cancelled or postponed all over the world and most people are in a state of confusion as to what the true risk is.

The same is as true for enterprises as much as it for consumers. There has been so much information about what to do / what not to do, that it is very hard to assess and mitigate risk. Company bosses would want to keep employees safe and uninfected as a priority, but they also must factor in how this would affect productivity, efficiency and overall risk management.

It’s common for both larger and mid-market businesses to invest in risk management software, as part of a greater willingness to treat risk with the seriousness it warrants. But how can they incorporate the coronavirus into their overall business risk management strategy, and what are the implications for not doing?

The coronavirus risk challenge

Managing and mitigating any type of risk is difficult. While smart risk management software such as Oxial’s sGRC contains sophisticated risk mapping tools, it is impossible to predict with 100% accuracy just how damaging a risk might prove to be to an organisation.

Risk management is essentially an on-going process of businesses deciding which risks are worth taking and which are not, and then putting in place measures to mitigate those. This process is even harder when it comes to something like coronavirus, which has come out of leftfield.

There isn’t a great deal of precedent for coronavirus. The past few decades have given us the SARS virus and swine flu, but neither were as impactful as coronavirus is shaping up to be. There are currently more than 100,000 confirmed cases across more than 100 countries, and there have so far been more than 4,000 deaths.

It’s clearly a significant problem, but what specific impact could this have on businesses around the world?

The potential impact

Coronavirus appears to be much more contagious than other viruses, which means controlling it is proving to be almost impossible. The average infected person passes the disease to 2.6 other people.

This means that many organisations are starting to impose a work from home policy until further notice, while others are having to deal with employees needing to work from home because of school closures. This is all very sensible in terms of preventing the virus from spreading further but such measures do affect how a business operates.

Some sectors rely heavily on face-to-face interaction with clients and customers, with sales and account management dependent on such personalised engagement. Some businesses models are entirely based on travel, while other organisations make extensive use of conferences and events to drive revenue and attract customers, all of which have all been affected significantly by coronavirus.

The secondary threats could also include increased cybercrime, with cybercriminals using the chaos and uncertainty to unleash additional ransomware and malware attacks via phishing emails. This outbreak has major risk repercussions which must be identified and managed

Mitigating the coronavirus risk

While it’s true that coronavirus has seemingly come out of nowhere, organisations with a sensible risk management strategywill have included some sort of global health pandemic in their planning and used their enterprise risk management software to undertake risk mapping for such an occurrence.

This would have included the impact of large percentages of the workforce working from home andwhat the effect would be of travel restrictions meaning executives can’t visit customers, partners and suppliers.

There is also the sense of being fully prepared in office locations too. This is not merely ensuring supplies of hand sanitizer are available but putting in place proper mechanisms and processes that give employees the confidence to make the right decisions. Are they fully equipped to work from home effectively, with all the required technology?Do they know which sources of information to trust and follow the advice of?

It’s even important for a plan to be put in place for risk managers themselves – what happens if / when the risk team catches the virus? Of course, all this risk management can be carried out with the right risk management software. Oxial’s sGRC solution is a proven and highly effectiveplatform and Oxial’s consulting partners are all highly trained and experienced in understanding and mitigating a variety of risks.

If you think that your risk management strategy could be due an overhaul in the light of the current crisis, then please get in touch with us here.

Share This!