“The greatest trick the devil ever pulled was convincing the world he didn’t exist” – The Usual Suspects
Hijacking and repurposing a concept
The iconic 1995 thriller “The Usual Suspects” is in essence about the imaginary creation of a super villain the police go chasing after, ignoring the real scheming criminal that literally walks away at the end of the movie.
EWRM has in effect become a bit like the ruse played in that movie. The concept got hijacked by a consulting profession in order to develop a direct access to the C-suite of major companies. For those not familiar with the consulting or advisory profession, the highest accolades a manager, director or partner can get is to gain access to key C-suite members of coveted companies. Any access to CIO, COO or best of all CFO or CEO can make a career in consulting. I’ve seen modest partners grow enormously powerful by solidifying this access in major organizations. However, getting there is far from easy. A manager or director will spend some of his time going to courses to teach him or her how to gain this access. Any method or process that helps in achieving that fast lane to the ultimate goal, partnership, is therefore very welcome indeed.
With EWRM, consulting and advisory firms succeeded for the very first time in creating a function, the CRO or Chief Risk Officer, as a key connection for themselves. A fundamentally relevant concept such as risk has been used and in some cases abused to benefit consultants.
Think about the manner in which Sarbanes-Oxley compliance has been assured … with major support from advisory firms. Most of this support was delivered by younger, less experienced consultants. Exactly the profiles on which an advisory organization makes most of its money.
Letting the fox into the hen house
Risk assessment and risk mitigation exercises continue to be conducted with the assistance of advisory firms. Think about this for a minute: we ask external advisors with a portfolio of services to assist us in assessing our own threats and weaknesses and provide us with a comprehensive overview. That amounts to letting the fox into the hen house. Facilitating a risk assessment workshop where management and collaborators bare all in order to identify root causes of current and future problems provides a consultant with so much information he would be completely incompetent not to be able to derive some business out of it. We pay them to write proposals.
Once in execution mode, based on the information gathered in the discovery phase – our risk assessment phase – consultants embed themselves in the organization they are assisting, thus extending the traditional consulting life cycle. I was taught long ago that a realistic time to have a client was about 8 years. This type of information could significantly extend that period.
A real risk of disenfranchising the process owners
But the real problem is the following. Once the consultants are in, there is a significant risk that the consultant managed solutions become further and further removed from the day-to-day operations. This only feeds into the significant risk of disenfranchising and reducing the operational responsibilities of the responsible process owners.
Does this mean I believe EWRM is all bad? Rather to the contrary, I believe EWRM can have a significant added value for an organization, if properly used. I do believe that the current focus on EWRM as a practice separate from day-to-day activities can cause significant misunderstandings about its added value and may well lead to missed opportunities and unnecessary costs.
In a following blog post, I’m aiming to be a bit more positive. I’ll look at possible re-definitions and revalorisations of EWRM and like it to a field that is by its very nature close to the daily operational reality: knowledge management.