Risk Mitigation Team and their Role in Business Continuity Management

In previous articles, we have seen how Business Continuity Programs are formulated and how they are executed in times of crisis. In this article, we look at the role of the Risk Management and Risk Mitigation Team in aiding the organization towards formulating contingency planning. The risk management team is responsible for identifying risks, coming up with a strategy to mitigate them and to ensure that the organization has a fail proof contingency plan. The risk management team is also responsible for coordinating with the various project managers in the company to prepare and roll out the contingency plan to tackle the emergencies as and when they arise. Further, the risk management team should assist the project managers in preparing risk matrices and contingency plans to take care of anticipated and unanticipated emergencies.

Companies like Unilever, Infosys and Citigroup have dedicated risk management teams in place to work closely with the project managers in identifying and mitigating risks.

The risk manager has the responsibility to coordinate with the project manager in proactively identifying risks and planning for contingencies. There is a concept called call tree which indicates the people needed to be called in case of an emergency and this call tree has to be tested periodically to find out the response time that is needed to activate it. The point here is that the risk management team needs to ensure that the contingency plans are well oiled and the organization switches over to the backup site or the systems quickly and smoothly in case of an emergency.

Companies like Fidelity have risk management teams that publish risk matrices for individual teams based on their assessment of how the team would adapt to the emergency and hence the risk management team is responsible for ratifying the risk matrix for each team. The risk matrix consists of identified risks and the mitigation plan for each. Unless and until the risk manager signs off on the risk matrix for each team, the overall contingency plan for the organization cannot be put in place. The key point to note is that the risk management teams ought to identify risks and prepare a plan for mitigating them. Of course, not all risks can be anticipated but the overall thrust is to ensure that as many risks are covered as possible to ensure that emergencies are handled adroitly.

The risk management team has the added responsibility of publishing a risk management plan for the entire organization which identifies macro risks and the plan to mitigate them. For instance, Citigroup has country wide risk management plans for each country in which it operates so that the mix of global and local risks that are unique to each location can be identified and mitigated. In this way, the risk management team is a crucial component of the organizations’ business continuity planning process. It is for this reason that many companies have started to have dedicated risk management teams in place to identity and suggest risk mitigation plans.

In conclusion, business continuity planning is planning for the unplanned emergencies and hence must be as thorough and detailed as possible. Only by having dedicated resources that would be on the job all the time in planning for contingencies can the organization hope to achieve full compliance with the business continuity plans. Hence, risk management teams are vital to the success of the organizations’ push towards having a robust and fool proof business continuity plan.


❮   Previous  Article Next  Article   ❯


Authorship/Referencing - About the Author(s)

MSG team comprises experienced faculty and professionals who develop the content for the portal. We collectively refer to our team as - “MSG Experts”. To Know more, click on About Us. The use of this material is free for learning and education purpose. Please reference authorship of content used, including link(s) to ManagementStudyGuide.com and the content page url.