Tuesday, September 3, 2013

Enterprise GRC Concept Clarification: Systemic Risk vs. Strategic Risk?

Systemic risk is more foundational whereas strategic risk is more intentional.


Systemic Risk is a Macro/ helicopter view of the entire system or significant chunks thereof. The strategic risk, however, usually involves distinct entities, organizations, firms, etc... As they continue on their long term but separate paths. More specifically: 
  • Systemic risk is more foundational whereas strategic risk is more intentional. Systemic risk is a flaw in a system. Strategic risk is knowingly assuming a risk because it is believed that the potential reward outweighs the potential downside. Systems can create self-reinforcing modes that become ingrained and therefore almost impossible to change. Worse, those modes gradually become viewed as the norm to such an extent that people don't even notice them. However, these ways of doing things can create stresses so large that the system fails. 
  • Systemic risk is the risk to a system. Systemic Risk = The possibility of risk being cascaded to all entities in a given industry, function or partnership. Strategic risk is the risk of a strategy. Strategic Risk = Risk associated with specific long term goals or objectives.
  • Systemic Risks are risks external to the organization, such as political environment, geographical environment, industry, etc. Strategic Risks are the risks associated with the strategies of the organization/firm, investing heavily in new products/services. Strategic risk is broader involving many unknowns and unknowable because it is about the future. 
  • Systemic risk is not confined to the finance system; indeed a culture or behaviors can contain systemic failings and risks to objectives. Strategic risks are those which exceed a certain pre-defined threshold as having a material consequential impact to an entity and its objectives; regardless of their origin or type. 
  • Systemic Risk can be measured, or the methodology can be used in different contexts, ecosystems, energy complexes, political systems, and the productions thereof, etc....Interdependencies of unknown quantities and therefore effects; on the contrary, the strategic risk ought to be confined to specific moves within the game and the risk of not achieving goals/objectives...to win. There are overlaps between the two. 
  • Systemic risks concern the external factors that can affect the delivery of any set of objectives; strategic, operational, etc. They tend to be removed from the direct control of the affected stakeholders. Strategic risks are the uncertainties, inherent variability and the unknown interdependencies among sources of risks that could have an effect on the delivery of strategic objectives or plans.   
  • Strategic risk is confined to scope while systemic risks are market or regionally defined. An overlap between the two is possible but a good compromise will be to regard systemic risks as affecting the "setting" and strategic risk affecting "scope". Project novelty, low learning curve position, ignorance, absence of a flexible and responsive feedback format, lack of objective data and lax governance contribute to strategic risk given that each may negatively impact the robustness of strategic plans. 
Systemic risk is an intrinsic risk that is always present when using a certain type of system. Systemic risks are those born of a system or even culture - regardless of their type. The risk has become so ingrained as to be 'systemic'. Its origin or type is irrelevant. By contrast, a strategic risk (which may or may not be systemic in nature) is that which poses a threat to subjects, strategic objectives. Nothing more, nothing less.







0 comments:

Post a Comment