Customer-Driven Risk Management
Preston Finley, Director of Foresight, Strategic Planning & Risk Management at the U.S. Department of Veterans Affairs joined me on The Business of Government Hour to discuss the mission of his team and the importance of customer-driven risk management. Here’s a synopsis of our conversation.
I have worked in other organizations and have seen various ways to approach and manage risk. From my experience, risk should be assessed and placed in context across the enterprise – enterprise risk management (ERM). I find using strategic foresight within ERM a powerful tool in anticipating risk and its implication. When done right this tool can help agency leaders get out in front of potential threats before they hit their front door. It also can take risk management beyond a compliance exercise it often can become. To manage risk effectively focus on threats but also opportunities. In doing so, it is also critically important to consider the impact of risk on those you serve, which gives the enterprise risk management approach a customer-driven focus.
I’ll share an example of customer driven ERM in action. It took place when I worked at the U.S. Postal Service. You may recall the various instances when the Postal Service would issue a postage rate change taking the cost of a stamp from thirty-nine cents to forty-two cents. Each time a rate change happen the Postal Service would take a hit in the news and with its customers. The organization faced reputational and operational risks, but there was an opportunity here. It prompted the creation of the forever stamps. No more need for customers to buy new stamps when the rate increases. It was a huge benefit for customers as it gave them an opportunity to stock up on stamps that they can use forever regardless of future rate increase. It also turned out to be a huge benefit to the U.S. Postal Service because with the advent of forever stamps the Postal Service no longer needed to rotate out old stamps and destroy them, which was a very costly process. This approach to manage risk was a gamer-changer for both our customers as well as our organization at the time.
I have VA example as well. A large VA medical center (VAMC) almost routinely had high scores on a five-star scale, but then that high score began to drop precipitously. The VAMC wanted to know why. The Veteran Experience Office provided knowledge from various systems it had tracking customer experience. They found out it was not something they even thought about. It was the pharmacy. The pharmacy operation presented an enterprise risk. Apparently, the service was slow and some staff not particularly pleasant. Once this risk was identified the VAMC was able to pivot within a few weeks – the pharmacy issues were addressed and processes improved. Soon customer experience score began to increase. If you can get insights like that in fairly near real-time, that is a game changer because then you can focus again on the customers and root out potential risks and address them before they become major disruptions to the enterprise.
The VA risk management approach must place its customers front and center. From output to the outcome, our veterans and their families are our key concern. VA has seen encouraging progress in customer experience. VA scores a 90% on trust amongst veterans for medical care. That is almost unheard of. That is outstanding. At a federal agency, we think about customers but unfortunately, sometimes people think too much about compliance. Compliance is an activity that must happen. I understand that, but the managing of risk effectively has to generate better and more positive outcomes for VA customers, our veterans.
I am focused on maturing our processes and the tools we use to anticipate and manage risk across the VA enterprise. We have created guidance documents that are user friendly. To do this right, we have engaged and worked with our clients to develop handbooks, directives, and establish an effective governance structure. We are also developing the right tools to make it easy to identify risks that can flow naturally into the risk register where risks are triaged and determined the risk level be it enterprise or functional in nature.
We conduct the risk workgroup meetings and the enterprise risk council meetings. We vote on risks and decide the risk profile. Our job is to mature the organization to where risk management brings high value to senior leadership providing the best information to make better decisions. Putting foresight, strategic planning, and risk management within the same office creates value and develops synergies amongst the various disciplines.
As we mature our processes and organization, we continue to focus on veteran driven initiatives to bring better outcomes. VA was doing this before I got here, but it’s only getting better. The department is maturing very quickly. Our team partners and collaborates very closely with various components within the department. We share insights as well as track and monitor trends. Customer driven risk management is the name of the game. It also needs to take seriously strategic foresight. If you’re not doing some kind of foresight activity, you’re never going to anticipate the needs of your customers in advance and the risk, threats, and opportunities they face.
Anytime, Anywhere on...