News

Governance and Risk Management – In the Eyes of a Coffee-House Barista

[Jan 21, 2010]

Often when speaking with other consultants and even clients I find that they do not grasp the concepts of Governance and Risk Management and how they relate to their business. I believe part of this may be due to the heavy use and mis-use of both of these words. In reality, these two words exist and are managed within all businesses, even by the barista at the local coffee-house. 

How does governance relate to a barista? Well let’s imagine that this barista is the owner of the coffee-house. Assuming he has hired other baristas’ and employees, he has effectively undertaken governance at some level. The level of governance is related to the amount in which the other employees assist him in the operating of his coffee-house. As the barista no longer has complete control over all the affairs of the coffee-house, she/he will look to establishing governance.

How does risk management relate to a barista? I find this topic is more commonly grasp, however sometimes the focus is only on compliance-specific requirements and not also on business activities in general. Continuing with our example… the barista has many decisions she/he makes on a daily basis in relation to risk. Which coffee bean should she/he serve his customers? How many varieties of tea should the coffee-house stock? Having too little or too much of both present risks to return or profitability of the coffee-house.

This was a simple example scenario, but one that should serve as a reminder that governance and risk management is relevant to YOUR organizations and for that matter, all organizations. It is more than likely just much more complicated. The barista has the benefit of knowing their business end-to-end; from suppliers, customers, and business processes.  The good news is that Redpoint Risk can help. I am focused on risk management and governance, with experience working with over 45+ organizations.

If you would like to talk more about IT governance or risk management within your organization, or the challenges you may be having; please let me know (we could do it over a cup of coffee). By managing both governance and risk management effectively, your organization will be more resilient and responsive to risks while maximizing growth from opportunities that arise. 

- Chad Weinman

Sources:  Barnier, Brian (2009). Driving Value From Nonrevenue-generating Activities: Myths and Misunderstandings of Governance and Risk Management. ISACA Journal, Vol. 2, 2009.