In most companies and organizations in our country, risk management is limited mainly to administrative activity without real useful value.

This is not an exaggeration, but a fact that we have come to discover based on dealing with risk management in medium and large companies over the last ten years.

Therefore, the question of whether and how we can improve this is undoubtedly on point.

In every business activity, there are disturbances that employees are solving daily. Recurrent and increasing disorders can escalate into problems and become crises. The consequences of these crises can be small, significant, substantial or, in extreme cases, catastrophic.

The factors that cause them are internal and external. The internal factors are further divided into business ones, related to processes; technological when they include all types of devices and human when human factors influence them.

A practically applicable risk management system is designed to systematically monitor, reduce and prevent all phenomena that can cause any crisis and limit organizations in achieving their goals.

Therefore, risk management should be part of day-to-day operations in all areas.

How does risk management look like in practice?

Even in large companies, risk management is usually an area handled by individuals or a maximum of a few people. The risks are identified and described in risk registers and evaluated by numerical assessments which obscure their actual significance. What is more, most deal with them once a year, only when a need to check grades and produce reports arises.

We have also noticed that companies are primarily aware of financial risks, which of course are an essential factor, but represent only a part of all risks that can cause crises. Therefore, it is perfectly understandable that in such a way, risk management is not perceived as an area with useful value, but merely a formality.

After the last major crisis, which was a recession more than ten years ago, companies have established mechanisms for stable and successful operations. The years of economic growth, however, were interrupted in the worst possible way by the COVID-19, which also revealed several risks that companies could not foresee or prepare for as they occurred for the first time in recent history.

Therefore, the inventions and risk assessments that were in force at the beginning of the year are no longer valid today and need to be thoroughly overhauled.

Although we most often associate risks and crises with negative phenomena, this is not always the case. They can also be caused by positive effects that have negative consequences.

This is why, in times of crises, some companies have recorded unexpected and rapid growth in demand and orders, which creates a feeling of success and security.

However, as said before, it can also lead to problems and risks with possible minor or significant consequences.

For the mentioned and many other reasons, we are increasingly faced with questions about how to achieve that risk management is practically useful and actually helps you to perceive and prevent various threats.

And this is precisely what we at Silver Bullet Risk are good at, and can offer you guidance in the field of risk management in a variety of ways.

The first step, however, is undoubtedly the awareness that practically applicable risk management is instrumental, and also needed.

If you are interested in assesing the quality of risk management in your company or organization and, above all, how we imrpove its practically applicability for your company, write to us at [email protected].

The competition wants to overtake you – the question is, what are you doing to prevent this from happening?

Why are new winners and new losers born in crises? The reasons for this can be attributed to the robustness of organizations, which shows us how prepared are they and how quickly they can adapt to possible new business models, different work-flows or upcoming technology.  That is, how prepared are they for the new tomorrow, which can be much more diverse than today.

The worst thing is when everyone in the organization repeats the mantra of the comfort zone:
“That is how we’ve always worked.” Also, trying to compare yourself with the competition or work as they will not make you a winner. If your goals are to become better than them, you need to work even better, and above all – smarter. Consequently, this is the reason why all the most successful organizations in the world are already working on updating their risk management system today. Why? Because it is primarily up to you and the decisions you make in these changing times that depend on how your company will take it.  In doing so, I appeal mainly on owners, members of the Supervisory Board, directors, risk managers, managers who gradually transfer decisions, actions and mindsets to every employee.

Questions you need to ask yourself right now:

– Has Covid-19 caused any change in the way you work in your organization?
– Will Covid-19 have an impact on your business results?
– Is your organization part of the critical infrastructure of the Republic of Slovenia?

If you answered yes to any of the above questions, you are probably already aware that due to current events, you need at least an update, if not a complete overhaul of the risk management system.

Let me emphasize the following:

1) You need to plan and include risk management in the budget for next year.
2) Your annual plan and budget should also follow the principles of sound risk management.

So, first of all, it is necessary to set up a sound risk management system, with which you will be able to plan your next annual plans, budgets and, last but not least, all business decisions. For this reason, we can also agree that every CEO, CFO as CRO will be happy to receive a well-developed budget plan.

So the question is no longer whether to include the risk management system in next year’s budget, but how much that budget should be.

How can you determine the right amount of money to spend on risk management? The answer is not a simple numerical value or percentage, but a thinking process that allows you to understand better the potential risks of the company as a whole.

Ask yourself the following:

– What is our industry like?
– What personal or sensitive information do we handle?
– What is currently regulated in our industry?
– How complicated are our risks?
– What are the effects of our risks, individual and combined?

– Does management make decisions based on the results of risk management?
     o Why not?
     o How can we improve this?

– What could be better results for our organization?
– How much profit have we lost in recent years due to uncontrolled risk?
– Is there a systematic review of any potential threat that could affect the company?
– Does the company’s management have access to the necessary aggregate information on risk factors that affect earnings before interest, taxes, depreciation and amortization (EBITDA)?


Are the risk managers in our organization involved in the budget planning and review process?

If we plan insufficient resources to the budget, this leads to entrepreneurial deficits and unexpected cuts. The opposite is not right either: an excessive budget means that we have not invested capital. In both cases, therefore, the company missed the opportunity to create a competitive advantage. From this, we can conclude that a company with better budget forecasting will have the advantages of higher market value and the creation of value-added products and services. We can avoid these risks.

Do you know what your risk management budget will be next year? Let’s design it together. Contact me at  
[email protected].