How can organizations manage strategic risks in a volatile and fast-paced business environment?
Fe b r u a r y 2 0 1 2 I S T R AT E G IC F I N A N C E 27
COVER STORY
By Mark L. Frigo, CMA, CPA, and Hans Læssøe
How can organizations manage strategic risks in a volatile and fast-paced business environment?
Many have started focusing their enterprise risk management (ERM) programs on the critical strate-
gic risks that can make or break a company. This effort is being driven by requests from boards and
other stakeholders and by the realization that a systematic approach is needed and that it’s highly
valuable to include strategic risk management in ERM and to integrate risk management within the
fabric of an organization. Some companies are at the forefront of this evolving movement.
STRATEGIC RISK MANAGEMENT
AT THE LEGO GROUP
In this article we describe strategic risk management at
the LEGO Group, which is based on an initiative started
in late 2006 and led by Hans Læssøe, senior director of
strategic risk management at LEGO System A/S. It’s also
part of the continuing work of the Strategic Risk Manage-
ment Lab at DePaul University, which is identifying and
developing leading practices in integrating risk manage-
ment with strategy development and strategy execution.
The LEGO Group Strategy To understand strategic risk management at the LEGO
Group, you need to understand the company’s strategy.
This is consistent with the first step in developing strate-
gic risk management in an organization: to understand
the business strategy and the related risks as described in
the Strategic Risk Assessment process (see Mark L. Frigo
and Richard J. Anderson, “Strategic Risk Assessment,”
Strategic Finance, December 2009).
The LEGO Group’s mission is “Inspire and develop the
builders of tomorrow.” Its vision is “Inventing the future
of play.” To help accomplish them, the company uses a
growth strategy and an innovation strategy.
Growth Strategy: The LEGO Group has chosen a
strategy that’s based on a number of growth drivers. One
is to increase the market share in the United States. Many
Americans may think they buy a lot of LEGO products,
but they buy only about a third of what Germans buy, for
example. Thus there are potential growth opportunities
in the U.S. market.
The LEGO Group also wants to increase market share
in Eastern Europe, where the toy market is growing very
rapidly. In addition, it wants to invest in emerging mar-
kets, but cautiously. The toy industry isn’t the first one to
move in new, emerging markets, so the LEGO Group will
invest at appropriate levels and be ready for when those
markets do move. It will also expand direct-to-consumer
activities (sales through LEGO-owned retail stores),
online sales, and online activities (such as online games
for children).
Innovation Strategy: On the product side, the
LEGO Group focuses on creating innovative new products
from concepts developed under the title “Obviously
LEGO, never seen before.” The company plans to come up
with such concepts every two to three years. The latest
example is LEGO Games System, which is family board
games (a new way of playing with LEGO bricks) with a
LEGO attitude of changeability (obviously LEGO). The
company also intends to expand LEGO Education, its
division that works with schools and kindergartens. And it
will develop its digital business as the difference between
the physical world and the digital world becomes more
and more blurred and less and less relevant for children.
Now let’s look at the development of LEGO strategic
risk management.
LEGO Strategic Risk Management The LEGO Group developed risk management in four
steps, as shown in Figure 1:
Step 1. Enterprise Risk Management was tradi-
tional ERM in which financial, operational, hazard, and
other risks were later supplemented by explicit handling
of strategic risks.
Step 2. Monte Carlo Simulations were added to
understand the financial performance volatility (which
proved to be significant) and the drivers behind it to inte-
grate risk management into the budgeting and reporting
processes.
Those two steps were seen mostly as “damage control.”
To get ahead of the decision process and have risk aware-
ness impact future decisions as well, LEGO risk manage-
ment added:
Step 3. Active Risk and Opportunity Planning
(AROP), where business projects go through a systematic
risk and opportunity process as part of preparing the
business case before final decisions about the projects
have been made.
Step 4. Preparing for Uncertainty, where manage-
ment tries to ensure that long-term strategies are relevant
28 S T R AT E G IC F I N A N C E I Fe b r u a r y 2 0 1 2
COVER STORY
2
MONTE CARLO
SIMULATIONS
1
ENTERPRISE RISK
MANAGEMENT
3
ACTIVE RISK &
OPPORTUNITY
PLANNING (AROP)
4
PREPARING FOR
UNCERTAINTY
Figure 1: Four Elements of Risk Management at the LEGO Group
for and resilient to future changes that may very well dif-
fer from those planned for. Scenarios help them envision
a set of different yet plausible futures to test the strategy
for resilience and relevance.
These last two steps were designed to move
“upstream”—or getting involved earlier in strategy devel-
opment and the strategic planning and implementation
process.
Strategic Risk Management Lab Commentary:
This four-step approach is a good illustration of how
organizations can develop their risk management capa-
bilities and processes in incremental steps. It represents
an example of how to evolve beyond traditional ERM and
integrate risk management into the strategic decision
making of an organization. This approach positions risk
management as a value-creating element of the strategic
decision-making process and the strategy-execution
process.
In our research on high-performance companies, we’ve
found that companies like the LEGO Group achieve sus-
tainable high performance and create stakeholder value
by consistently executing the strategic activities in the
Return Driven Strategy framework (for example, the
focus on innovating its offerings toward changing cus-
tomer needs) while co-creating value through its engage-
ment platforms (the online community, including its My
LEGO Network, which engages more than 400 million
people and helps its product development process). Its
strategic risk management processes incorporate distinct
elements of co-creation by engaging its employees (inter-
nal stakeholders) throughout the strategic decision-
making, planning, and execution processes, as well as
engaging external stakeholders (suppliers, partners, cus-
tomers). The LEGO Group’s approach is a good example
of how an organization can engage stakeholders in co-
creating strategic risk-return management (see Mark L.
Frigo and Venkat Ramaswamy, “Co-Creating Strategic
Risk-Return Management,” Strategic Finance, May 2009,
and Venkat Ramaswamy and Francis Gouillart, The Power
of Co-Creation, 2010).
Step 1: Enterprise Risk Management The evolution of ERM toward strategic risk management
is represented in Figure 2. Strategic risk was missing from
the ERM portfolio until 2006.
To fix this, based on his then 25 years of LEGO experi-
ence and a request from the CFO, Hans Læssøe started
looking at strategic risk management. “I was a corporate
strategic controller who had never heard the term until
then,” he says. The company had embedded risk manage-
ment in its processes. Operational risk—minor
disruptions—was handled by planning and production.
Employee health and safety was ISO 18001 certified.
Hazards were managed through explicit insurance pro-
grams in close collaboration with the company’s partners
(insurance companies and brokers). IT security risk was
a defined functional area. Financial risk covered curren-
cies and energy hedging. And legal was actively pursuing
trademark violations as well as document and contract
management. But strategic risks weren’t handled explicit-
ly or systematically, so the CFO charged Hans with ensur-
ing they would be from then on. This became a full-time
position in 2007, and Hans added one employee in 2009
and another in 2011.
Strategic Risk Management Lab Commentary:
The 2006 situation is common. Even though strategic
risks need to be integrated with risk management, many
organizations don’t explicitly assess and manage strategic
risks within strategic decision-making processes and
strategy execution. But the LEGO Group’s approach
shows how strategic risk management can be a key to
increasing the value of ERM within an organization. It
also shows how executive leadership from the CFO played
an important role in the evolution of ERM as a valuable
management process. Finally, Hans came from the busi-
ness side and had the attributes necessary to lead the ini-
tiative: broad knowledge of the business and its core
Fe b r u a r y 2 0 1 2 I S T R AT E G IC F I N A N C E 29
OPERATIONAL
EMPLOYEE SAFETY
LEGAL
FINANCIAL
IT SECURITY
HAZARD
Figure 2: The LEGO ERM Umbrella: Adding Strategic Risk
STRATEGIC (ADDED 2006)
ERM
strategies, strong relationships with directors and execu-
tive management, strong communication and facilitation
skills, knowledge of the organization’s risks, and broad
acceptance and credibility across the organization. (For
more, see Mark L. Frigo and Richard J. Anderson,
“Embracing ERM: Practical Approaches for Getting Start-
ed,” published by the Committee of Sponsoring Organi-
zations of the Treadway Commission (COSO) at
www.coso.org/guidance.htm, 2011, p. 4.)
Also, the risk-owner concept at LEGO provides a good
example of the importance of understanding who owns
the risks as well as defining the role of risk management
in the organization. The idea of “risk owners” was impor-
tant to ensure action and accountability. Hans’s charge
was to develop strategic risk management and make sure
the LEGO Group had processes and capabilities in place
to do this. But as senior director of strategic risk manage-
ment, Hans doesn’t own the risk. He can’t own the risk
because this essentially would mean he would own the
strategy, and each line of business owns the pertinent
strategic risks. Hans trains, leads, and supports line man-
agement to apply a systematic process to deal with risk.
This is just like budgeting functions: They don’t earn the
money or spend the money, but they support manage-
ment to deliver on the budget or compare performance
against the budget.
The post How can organizations manage strategic risks in a volatile and fast-paced business environment? appeared first on graduatepaperhelp.
"Looking for a Similar Assignment? Get Expert Help at an Amazing Discount!"