Back to Strategy

How valid is your strategy?

Strategic risk management.

Jeroen Toetby Jeroen Toet

How valid is your strategy?

Many organisations devote time and attention to risk management. The focus here is on managing operational and financial risks. This concerns in particular risks linked to the functioning of people (fraud, unethical behaviour, etc.) or processes. We call this group of risks risks to performance.

Alongside this group of operational risks, it is of great importance for organisations to recognise a second group of risks: risks to value. Risks to value are not linked to the execution of the strategy, but to the validity of the strategy. They offer insight into events that can influence the strength of the company's strategy.

Risks that threaten your added value

Risks to value threaten the ability of organisations to create value. We distinguish two groups of risks to value:

External risks

External risks are those linked to events outside the sphere of influence of organisations. This includes, for example, macroeconomic changes or changes in stakeholder behaviour.

Strategy risks

Strategy risks are risks linked to the strategic choices of organisations. They are risks that organisations consciously take in the expectation of creating above-average value.

Strategic dialogue

Managing "risks to value" requires a different approach from managing "risks to performance". Instead of internal control, it is about having a strategic dialogue. Here you think through uncontrollable risks and their implications for the company's strategy.

Holding the strategic dialogue is often a challenge. Group think or excessive self-confidence distort a clean view of "risks to value". Tools such as scenario planning or war gaming are powerful for breaking through these pitfalls.

Strategic risk management in 5 steps

Step 1: Determine the business model

We map out the organisation's business model. The business model makes the organisation's strategic choices explicit and offers a good basis for assessing external risks and strategy risks.

Step 2: Determine external risks

Using our trend library, interviews and conversations, we map the most important external risks. These are uncertainties in the external environment of the organisation. Some examples of external risks: new legislation, an economic dip, rapid change of technology, a new strategy from a competitor.

Step 3: Determine strategy risks

To determine strategy risks, we sketch the playing field in which the organisation has to operate over the coming years. We make use of a set of future scenarios for this. Future scenarios are eminently suited to thinking through and making explicit the main external risks. By confronting the organisation's strategic choices with the future scenarios, we determine how much risk the organisation is taking. Does the strategy connect with all future scenarios or only with a single one?

Step 4: Risk mitigation

The external risks and the scenarios are an excellent basis for thinking about risk mitigation. Can we make the strategy more robust with small adjustments? Do we want to be distinctive in one scenario and following in the others?

Step 5: Monitoring

The nature of "risks to value" is that they can develop quickly and unpredictably. It is therefore important to monitor their development. Our online Environment Monitor works with expert panels that help organisations keep an eye on the most important risks.

"A ship is safe in harbour, but that's not what ships are for." — William G.T. Shedd