I was reading a recent newsletter published by McKinsey this morning that looks at the constraints affecting the Panama Canal due to drought in the area and the impact this is likely to have on global supply chains. While the Panama Canal accounts for just 2.5 percent of global seaborne trade, it is a crucial link for the Americas, particularly for South American trade, offering a direct route between the Pacific and Atlantic Oceans.
The disruption affecting the Panama Canal coincides with uncertainty surrounding the Suez Canal—another important global trade transit point as a result of the ongoing conflict in the Middle East that is complicated by the Houthi attacks on ships passing through the canal.
These issues highlight what a bad job organizations – both public and private – are doing in terms of getting a better understanding of risk management and more importantly the failure to take appropriate measures to mitigate against such.
This is very worrying considering how dependent we are on global supply chains and despite most organizations doing a good job of ticking the right boxes when it comes to corporate governance compliance, somehow risk management is still not given the priority it deserves.
And this issue extends far beyond global supply chains into areas like cybersecurity for instance.
Yes, this is a minefield consideration the level of sophistication and the relentless drive by threat actors to find loopholes for successful cyberattacks however it is clear when we look at some of the high profile cyber breaches globally that such threats could have been prevented by just doing the basics like changing default passwords, patching software and making sure that the latest software that includes fixes to address know issues is used, etc.
Then there are cases where cyber criminals gain access to millions of records by exploiting vulnerabilities in third party systems. In this case you find that a large institution such a bank for instance would have right controls to protect customer data but then they make the mistake of giving third party access to a mortgage originator for instance by neglect to insist that the third party implements the same stringent governance systems that they employ to protect the data.
And going back to the global supply chains issue, one would have thought that valuable lessons would have been learnt during the COVID-19 pandemic where it was difficult to move goods due to flight restrictions and general shortages affecting the freight industry while priority was given to much needed vaccines and not to forget that vaccines themselves were in short supply due to some countries resorting to hoarding the much needed medicines.
And more recently there has been significant disruptions in the global supply chains affecting the availability of food as well as microchips due to the ongoing conflict between Russia and the Ukraine.
All these issues highlight the serious need for all of us to take risk management very seriously and begin to find ways to mitigate against the many risks affecting our lives.
The bad practice where organizations keep a risk register with issues that never gets addressed despite the serious risks they pose needs to be addressed without any further delays.
Lastly, I’m interested to find out how what your experience when it comes to how risk management is done in your own organizations.
Have you found risk management related issues that you felt didn’t make sense at any point in your career?
Is your organisation working efficiently when capturing, analyzing, and mitigating these risks?
What are you doing in your own organizations to change behavior to ensure that risk management is taken seriously?
- https://www.techtarget.com/searchsecurity/definition/What-is-risk-management-and-why-is-it-important
- https://ascentlogistics.com/blog/the-panama-canal-vs-the-suez-canal/#:~:text=The%20Panama%20Canal%20and%20Suez,by%20shortening%20historical%20trade%20routes.
- https://www.hrdconnect.com/2018/03/19/ten-questions-every-board-ask-risk-management/