Posted on November 15, 2008 by

Integrating Performance and Risk Management Processes – What the CPM Professionals Say

To promote discussion and debate around the integration of performance and risk management, we recently posted a very simple question in the Corporate Performance Management group on Linkedin.

Should organisations integrate performance and risk management?

The replies are below and we welcome further comments/feedback on this topic.


The terms Risk and Performance Management are increasingly interrelated. Especially in turbulent global economies. Volatile economies can be periods of tremendous opportunity for leaders equipped with the right knowledge to take advantage of the moment. Understanding and managing risk related performance helps leaders become more efficient and profitable. At their core, performance and risk management are about getting to the truth. By “the truth,” I’m referring to a single set of facts about business that reflects the reality of the enterprise’s performance generated by hard data. This is where Performance and Risk converge. Effective organizations proactively manage risks to close performance gaps. Across the board, they engage in more formal risk management than less effective organizations, including the use of monitoring, reporting, historical comparisons, evaluation tools, predictive analytics, risk-adjusted forecasts and process controls. – Tom

When we in our Group evaluate the Group Profit on products and markets, we at the same time estimate the risk if we loose or have higher competition on each product and markets, to evaluate the worst case for the Group. – Claus

Customers are linking Risk with PM. We see this in the sustainability area where risk dimension are used in establishing carbon modeling and resultant carbon exposure. Also, we see this with “risk” adjusted KPI’s with PM frameworks and linking to strategy to key drivers for those KPI’s. – Warren

Risk and performance are two sides of the same coin. The greatest successes can be gained by balancing the seesaw of:

1) Reducing Risk ALARP (As Low As Reasonably Practicable)
2) Increasing Benefit (sic. Performance) AHARA (As High As Reasonably Achievable).
– Emma

In what we understood for CPM (Corporate Performance Management), this involves all of the levels of the business organization, in the one that the Administration of the Risk belongs one to them. To dissociate the business administration of the risk administration would be a negligence. However, face to the existent tools in the market, a lot works here in the sense of corporate implementation, but in the reality under a departmental optics, each one with his Datamart, in the one that Risk and Administration are separate. However, when we spoke in CPM, in the optics of business solution, example: Execplan, see that the own project of CPM possesses an implementation methodology that approaches all of the areas in an united and corporate way. Then, in this sense, when we spoke about solution and not of tools, we would say that the business administration would be capable to have the two sides in the same coin. – Haroldo

Risk management could be consider something cross around any area and process in Organizations.
When we talk about CPM we are talking about Consolidation, Budgeting, strategic finance etc, and in all these areas you have to make Risk management, from technical and functional perspective. And it affects to Systems, Process, tools and methodology. Examples: Risk on data transformation and integration, risk on integrity, risk on performance issues on calcs or communications, ….Any process is a potential target for risk analysis. –

We would welcome further comments/feedback about if and how organisations integrate performance and risk management processes.