Risk Management

A lot has been written about enterprise risk assessment and management. Much of the focus on these topics has been with public companies, especially as it relates to compliance with legislation in the US like Sarbanes-Oxley (SOX) 404 compliance. It also deals with the risk factors that need to be outlined in a SEC S1 filing for an Initial Public Offering (IPO). However, this topic is getting more important for startups with the advent of new financing models and less sophisticated investors.

As a startup, you want to expose your company to the right amount of “good risk,” while mitigating or eliminating as much “bad risk” as possible.  A good rule­­ of thumb for “bad risk” is to eradicate controllable risk and monitor uncontrollable risk, where possible.

It is also very important to have a crisis management strategy and plan.  It is unlikely that you can anticipate all potential crises.  However, you can have a communication plan that will be used in the event of a crisis.  It is important that you plan how you will communicate with key stakeholders including your board, your management team, employees, customers, suppliers, investors, and key partners.

QuestFusion can help you assess risk and “bucket” that risk into high and low priority, and controllable or uncontrollable risks.

For more mature companies, QuestFusion can assist with the implementation of the RIMS Risk Maturity Model (RMM).  For younger companies, we can guide you through a strategic planning process to help identify key opportunities and threats to the organization.  We will also use scenario planning to help in formulating potential plans of action.  We will help your company to develop checklists for key risk items that need to be mitigated, controlled, or monitored.  Finally, we can help you build a risk scorecard around key risk factors.