Author: Lizanne Vroom
In the first chapter, the author, Lizanne Vroom, focuses on the Dynamic Business Model. There is an extensive discussion on concepts such as risk appetite, damage, static and dynamic risks, strategic and operational risks, inherent and residual risks. From the very definition of risk management, it is central that it should aim at achieving business objectives. Then, a detailed summary is provided of what this book will cover: each of the steps to be taken in risk management according to this model is a chapter in the book.
The second chapter deals with determining the internal and external context. It discusses the structure of the dynamic business model: who, what, how, why, processes, partners, expenditures and costs, resources, customers, and the environment. But also, objectives and their interrelation with mission, vision, and strategy are not omitted.
From chapter three on, the cycle around the dynamic business model begins: it starts from RM objectives and principles, identifies risks, evaluates and prioritizes them, determines the strategy to counter them, creates action plans, implements them, and then adjusts and measures RM performance. Throughout this process, the RM process will be continuously evaluated and monitored, in detail and overarching, and stakeholders will be communicated with, informed, and consulted.
Concrete items that are remembered include the SWOT analysis and the accompanying confrontation matrix used in the risk inventory, at the micro-level. However, the meso level (Porter’s five forces model) and macro level (DESTEP analysis) are also discussed but will require further reading by the reader.
It is nice to see that in the risk evaluation matrix, a link is already made to Business Continuity Management. Apparently, in this RM model, risks with a high impact but a low probability are not forgotten. In the same chapter, an exposition is given about statistical magnitudes, and when which parameter is best usable. The author also gives a detailed explanation of which risk parameters help to interpret a balance.
Chapter 6 discusses the risk profile, warning about interpretation: people do not always see what is there, and can ‘see’ wrongly. This is illustrated using, among others, Fraser’s spiral.
Chapter 7 discusses what demands the most from the Originality Quotient (OQ) of business people in RM. It’s about devising measures and strategies. This involves both a physical and psychological side of risk management, as well as a financial one.
Afterward, it goes back to professionalism: action plans and advice need to be drafted. The author places some emphasis on reporting.
Then, the process is concluded with the implementation of action plans and adjusting RM performances. And the evaluation and monitoring of the RM process.
But the author does not stop there.
In her final chapter, the author fully plays the communication card and the associated psychological processes. She emphasizes the importance of the organization’s stakeholders, and how to communicate with them, and with employees. She highlights the importance of NLP (Neuro-Linguistic Programming) and explains how it relates to (desired) behavior. She also explains how trust is a Key Success Factor (KSF) for RM and thus for the business.