Creating a Healthy ERM Culture – Part 6

May 2014 Feature Article

By Diana Del Bel Belluz, M.A.Sc., P. Eng.

This is Part 6 of a series of articles that define 12 cultural traits that are essential for a healthy risk management culture (shown in green font in Figure 1).

The earlier articles in the series covered these 10 traits:

Figure 1 - 12 traits of healthy risk culture

The 12 cultural traits support specific phases of the ERM Implementation and Organizational Learning Cycle. (For details on the cycle, see the Advisory issues of April 2011October 2011, December 2011, and March 2012).

In this article, I provide tips on how to promote two more of the 12 essential traits for a healthy risk management culture, i.e., being Resilient and Adaptable.

Healthy Risk Culture Trait #11: Adaptable

There are two purposes of Enterprise Risk Management (ERM). First, ERM must contribute to value creation by managing the risks to the achievement of corporate objectives. The second purpose is to protect value by ensuring the sustainability of the enterprise over the long-term. In my experience, it is the value protection role of ERM that is of particular interest to board directors.

Organizational sustainability is directly linked to the capacity to anticipate and adjust to shifting business circumstances. Ironically, to sustain itself, an organization must embrace change!

How to cultivate it:

I shared tips on how to anticipate critical changes in the business environment in Part 3 of this series (see the trait Vigilant in the March 2013 Advisory issue).

To cultivate adaptability in your people, build up their skills in optimizing business processes.

Here it pays to borrow the four-step Plan-Do-Check-Act process from the continuous improvement discipline. Those four steps represent an adaptation process that does double duty when it comes to ERM.plan do check

First, the continuous improvement process supports value creation by enabling the organization to evolve its business strategies and processes to take advantage of emerging opportunities.
Second, it protects value by continually evolving business strategies and processes to better meet stakeholder needs and to offset emerging adverse conditions in the business environment.

A dash of the continuous improvement discipline is also essential to advance on the ERM implementation journey. That’s because implementing ERM is an exercise in adaptation on an organizational level, i.e., organizational development and change. It’s no accident that the four phases of the Risk Wise ERM Implementation and Learning Cycle (see Figure 1) bear a resemblance to the Plan-Do-Check-Act process.

I’ve helped many organizations to chart a practical roadmap for their ERM journey in as little as 2 hours using the Risk Wise ERM Roadmap Workshop service. Here are the three steps I use. I share them here as an example of how you can go about evolving your ERM capabilities to adapt to your changing business environment and needs.

Step 1: Define Your Vision for ERM.

In the ERM Roadmap Workshop service, I apply some time-tested questions to facilitate your leadership team to define their long-term vision.

Step 2: Measure your organization’s current ERM maturity and performance.

In the ERM Roadmap Workshop service, I lead the team to conduct a self-assessment of the organization’s risk management performance and maturity. You learn how to use the Risk Wise ERM maturity model. This includes access to the Risk Wise ERM Capabilities Assessment Instrument - the most comprehensive tool of its kind available and the only one that assesses ERM performance.

When senior leaders see the strengths and weaknesses in the organization’s current risk management practices and results, it is a strong motivator to commit to evolving the organization’s ERM capabilities and capacity.

Step 3: Chart Your ERM Development Roadmap.

In the ERM Roadmap Workshop service, I facilitate a discussion with your senior team to define key long-term milestones and a short-term action plan for ERM implementation. I share my extensive experience to ensure that the roadmap you create is achievable and will enable you to methodically build ERM capacity and maturity.

As the ERM leader, you need to be adaptable about the route and pace that you take on your organization’s ERM journey. That means being realistic about what can be accomplished given the organization’s capacity to absorb change as well as its other priorities and demands on its resources.

Whether you are just getting started or have been on your ERM journey for years, the Risk Wise ERM Roadmap Workshop service can help you to quickly get focused on your best route to better performance.

Healthy Risk Culture trait #12: Resilient

Resilience is the capacity of an organization to quickly return to original position after unforeseen changes or catastrophic incidents. It is often described with images of survival such as the ability to ‘bounce back’ or ‘buoyancy’ - the ability to stay afloat in rough seas.

According to author David Hurst, resilience is a common feature of complex systems such as organizations, cities or ecosystems. These systems perpetually evolve through cycles of growth, crisis and renewal and often self-organize into unexpected new configurations. How resilient would your organization be to a major shock to the system?

How to cultivate it:

Organizational resilience is not the result of any one skill. The capacity to survive, adapt and grow under extreme, adverse conditions requires a set of management competencies and strategies that enable you to change course, to reorganize and to deftly redeploy resources, for example:

  • Design flexibility into corporate plans, i.e., strategic plans, workforce plans, disaster management plans, and business continuity plans.
  • Be ready and willing to change course. Don’t be afraid to rework or abandon a strategy or plan that isn’t working well.
  • Nurture strong communication and problem solving skills to enable timely course corrections.
  • Prepare your people so they know what steps to take to carry out their role in responding to catastrophic events. This includes having them practice to develop the skills they will need in a crisis and gain confidence in their abilities.
  • Use every risk event, problem, near miss, failure or strategic mis-step as an opportunity to learn how to improve the integrity, reliability, and resilience of business processes and ultimately performance. Also evaluate missed opportunities that you failed to recognize or capitalize on.

The Risk Wise bottom line…

To sustain your organization’s ability to create value, you need to embrace change. Cultivating the trait of adaptability will help your organization to keep pace with changes in its business environment.

As a risk management leader, you need to be adaptable about the route and pace that you take on your organization’s ERM journey. Our Risk Wise ERM Roadmap Workshop service can help you to quickly chart your best route to better performance.

To be resilient to major shocks, your organization needs a suite of management competencies and strategies that will enable you to change course, to reorganize and to deftly redeploy resources.


My forte is coaching executives on how to integrate ERM into their organization’s unique business practices and culture. If you want strategies to strengthen your organization’s ERM discipline and culture that are both effective and simple to implement, contact Diana Del Bel Belluz at Risk Wise at Diana.Belluz @ or by telephone at (416) 214.7598.

Follow the links to:

Current Special Offers for Subscribers

Current Special Offers for Subscribers

The codes to access the following special offers have been emailed to all Risk Management Made Simple Advisory subscribers:

Not yet a subscriber, but want to access these special offers?

When you subscribe to the Advisory, we'll send you the code for all current special offers along with a link to your New Subscriber Bonus, a copy of Moving Beyond the Risk Map to Operational Vigilance.

FIND OUT FOR YOURSELF why risk management leaders subscribe, click to access the ARTICLE INDEX of all past issues of the Risk Management Made Simple Advisory.

"I save and study each issue of the Advisory. I appreciate how Diana gives very practical advice and links it to fundamental theories and best practices." 

Sherrie Hyde, Risk Manager, Lutherwood


Moving Beyond the Risk Map to Operational Vigilance

Read more about the Risk Management Made Simple Advisory.

"It is so refreshing to read a newsletter that offers real solutions for risk management challenges."
Cathy Taylor
Director, Risk
Kinross Gold Corporation

Diana's Pick

The Neuroscience of Enterprise Risk Management (written by Diana Del Bel Belluz of Risk Wise) expores findings from the field of neuroscience and shares practical tips on how to apply them to enhance individuals' risk management thinking and implement brain-friendly ERM practices in organizations.

The article was published by The Conference Board of Canada in the Autumn 2017 issue of the journal Risk Watch.