SAI360’s Christine Adeline talks with Risk & Compliance Magazine about how risk management practices – from EHS&S, to business continuity planning, to digitalization projects, to managing vaccine mandates – have changed for companies through the pandemic.
R&C: The world has been dealing with the coronavirus (COVID-19) pandemic for almost two years. How has risk management changed for companies since March 2020 and what would you say are the biggest lessons learned?
Adeline: One of the biggest lessons is that businesses rely on people, and we have a duty to protect those people. The coronavirus (COVID-19) pandemic is a human health crisis and as such as put a greater focus on managing health and safety risks. We are seeing mental health and wellbeing getting more focus and managing risks like burnout that are associated with the “whole person” has become more important.
The Global Corporate 2021 Survey by independent analyst firm Verdantix tells us that market data from wellbeing solutions providers support the idea that mental health has deteriorated and that 94% of environmental, health and safety (EHS) decision-makers expect to assume greater responsibility for employee mental health and wellbeing. There are more studies and data available to link presenteeism with reduced productivity and a damaged bottom line. We have also seen the need for EHS and operations to collaborate so organizations can manage risks holistically. Overall, COVID-19 has transformed how companies view and manage EHS risks, putting EHS in the spotlight for greater focus and development.
With the crisis management timeline stretched into months, companies have had to lean into collaboration, agility and resilience.
R&C: At the start of the pandemic, many companies were quick to dust off old business continuity plans, while those without one scrambled to implement programs to restore and resume critical and essential functions. How has business continuity management (BCM) evolved? Have companies kept pace with those changes?
Adeline: BCM plans have traditionally been built to withstand since or specific incidents rather than the ongoing and constantly evolving pandemic. Some existing plans are just not built to generate sufficient longer-term resilience. With the crisis management timeline stretched into months, companies have had to lean hard into collaboration, agility and resilience.
Companies have also had to increase their perspective of risks that impact business continuity. EHS has become an integral part of BCM as companies restructure for distributed teams, digitalize for greater flexibility, and share data and insights to create an honest dialogue about the organization’s future.
The pandemic showed the need to also account for the interdependence of environmental, social and governance (ESG) risks and factors like global warming and energy crises. The organizations best positioned to withstand the turmoil of long-term disasters are those that embed ESG practices throughout the business instead of isolating it.
R&C: Digital transformation became the buzzphrase for much of the pandemic and the rapid proliferation of emerging technologies has made the business landscape that much more complex. What has been the fallout for companies as they increasingly rely on technology-centric operations?
Adeline: From our perspective, growing digitalization has had a mostly positive impact on business outcomes and has not come with “fallout,” per se. However, there are challenges that hinder implementation. Slow adoption can become a problem when companies do not have proper change management, and the sheer volume of new technologies can be overwhelming.
Organizations can also fall into “pilot purgatory,” where they may do multiple pilots but never achieve large-scale adoption due to low funds and failure to learn quickly while adopting a fail-safe approach. Solutions are sometimes adopted for specific purposes with limited use and limited long-term ROI, which reinforces silos that need to be broken down if the organization is to become more agile and collaborative.
The greatest risks come from an IT and cybersecurity perspective. If companies are not putting effective processes and systems in place with their digitalization efforts, the opportunity for successful cyberattacks and accidental data breaches does increase.
Reprinted from Risk & Compliance Magazine, January/March 2022 issue.
Christine Adeline is Senior Vice President, EHS&S Product Management & Product Marketing at SAI360.