Defence Digital Enterprise Risk Management Improvement

Context:

What we did:

• Diagnosed problems with Risk Management practice and developed a comprehensive improvement plan, then went to work on delivering significant elements of the plan

• Used POPPIE methodology to plan and influence changes across the spectrum of risk activity, as follows-

• Pitch: Articulated a vision for the organisation to be “Risk-led” in the voice of the 3* CEO

• Orientation: Authored a Risk Management Strategy and received buy-in for the Strategy from the 3* Board

• Orientation: Captured the organisational and Portfolio Management context to recommend changes to Business Plan objectives and bring Portfolio level risks under management

• Process: Re-wrote the Defence Digital Procedure for Risk Management (DDP181). Produced guidance for specific elements of application of the process eg. Roles and Responsibilities

• People and Skills: Produced Risk Principles training that was rolled out to risk role players

• People and Skills: Carried out 1:1 coaching and mentoring for a number of people in risk roles, enabling them to apply the theory in context

• People and Skills: Made prominent contributions to a newly formed Community of Practice

• Information: Established a data standard to specify the expectations for inputs to Active Risk Manager.

• Information: Carried out Early Market Engagement and requirements capture for possible procurement of a future risk tooling capability

• Exploitation: Demonstrated a novel bow-tie MI format that was well received by the Board

• Exploitation: Developed guidance for Cost Risk Analysis and recommendations for improving Contingency Management and linking risk information into the Finance processes

Results / Benefits