Ventiv Resource Library
Issue link: https://ventiv.uberflip.com/i/1021139
9 Driving the data dividend Insufficient support Risk mangers find their stakeholders do not sufficiently value analytics to provide the necessary resource to increase analytical maturity. This may be a consequence of data governance and processing often being owned by the IT function. Risk managers can provide the link between the IT function and the business so data is collected for tightly defined business needs and overlaid onto existing business processes that deliver practical insight. Individuals are increasingly used to digital experiences on elegant systems and have the same expectations of workplace information. Data insights should be presented through clear visual methods that can be investigated intuitively rather than through spreadsheets and tables. Maximising the value A financial services firm addressed its high volume and cost of motor fleet claims, compared to the industry standard. Telematics were installed into all vehicles to provide a data feed of vehicle and driver performance to the business. The data was analysed and shared across the business at three points, to gain organisation-wide support; 1. Operations. Data was used to improve driver awareness and update Health & Safety policies and guidelines 2. Senior management. Data used to assess the cost benefit and associated risks of outsourcing the motor fleet 3. Board. Key risk indicators used to drive and monitor risk culture Poor quality data A quarter of risk managers think the data they hold is of limited quality. Data needs to be of high quality in terms of the data producer, the person or system that inputs/ generates the data and the data user, who will view or manipulate the data. High quality data will be accurate, timely and appropriate in nature and volume to its use. Appropriate data verification and access checks will be key. Risk managers must establish who collected the data, and why. Data is often collected with a specific theory in mind and there can be a tendency to make assumptions based on limited information. Risk managers should assess the data collected in terms of its relevance to the question being asked, and reflect on any confirmation bias that may have crept in. Avoiding errors A global FTSE 100 organisation collates security information from multiple sources to monitor its geopolitical risk. Information is gathered from external sources, e.g. security firms and linked to internal data from HR, finance, facilities etc. Ensuring this information remains accurate and timely is a major challenge. The risk management team demonstrate the value of security risk data to the business through online visualisation tools and one-page summaries that support decision making. This has ensured the necessary budget for data analysts who verify and test the reliability of information and ensure no data is being prioritised inappropriately. A key task includes corroborating the qualitative information that may easily be dismissed, but can be invaluable when adding reasoning to statistical data. Difficulty accessing data The top reported reason for risk managers not using analytics is inability to access the required data. Firstly, they may struggle against business units limiting the information they share with the risk function or sanitising it beyond use. Even where data is accessible many businesses fall foul of collecting data for single-purpose or single-function use. Data becomes locked within silos where each set has its own classification and taxology rules. A risk manager's first task will be bringing together the different pools and linking them by common themes and field names. This facilitates analysis and ensures that when the business is discussing its information, everyone is talking the same language. Achieving consistency A transport provider is developing consistency in risk reporting across the business by taking a top-down and bottom-up approach. The risk manager gained senior management support by collaborating to theme or 'bucket' the key risks of the business against publicised strategic priorities. This is creating risk data categories that should resonate at all levels and across all functions. The risk manager is subsequently producing key risk indicators and scorecards linking the main activities of each unit to the established themes. By linking risk data to the overall priorities and operational activities, consistent data collection will be built into all day-to-day processes.