In this riveting episode of “Status Go,” we hit the accelerator on enterprise risk management with industry heavyweights Johan Nystedt and Mike King. Our host, Jeff Ton, steers a high-octane discussion on why being risk savvy is crucial to corporate agility, the transformative role of technology in both leadership and M&A, and why due diligence in IT is make-or-break for your next big deal. Get under the hood as our guests share insider expertise on curating a culture of diverse voices and decisive action, stressing the importance of collaboration, and a call-to-arms for CIOs and CTOs to align risk management with business strategy. Buckle up as “To Drive Fast You Need Good Brakes” takes you on a journey to the fast lane of business success—where good brakes in the form of intelligent risk management let you handle the speed of innovation and change.
About Johan Nystedt
Johan Nystedt founded and led multiple consulting and software companies. His most recent startup is Nystedt Enterprise Solutions LLC, which advises clients on Enterprise Risk Management (ERM) and Investor Relations (IR). Johan draws from his executive expertise at companies such as Conagra Brands, where he was the Chief Risk Officer, IRO and Treasurer, and RR Donnelley (RRD) where he headed up M&A, IR and corporate FP&A.
Today, Johan leverages his extensive advisory and risk management skills in growing his startup consulting firm. He partners with Indiana University, Kelley School of Business, on risk management initiatives and workshops. He is a frequent speaker and moderator at various global conferences, and coaches other business leaders through mentoring, accelerator events and trade group presentations. He has authored articles published by the AFP, RIMS and GARP.
About Mike King
Mike King is the Founder and CEO of DAXEOS, a venture capital-funded startup focused on developing a next-generation Digital Engineering Platform for Automotive Product Development. Before his current role, he co-founded LHP’s Data Analytics & IoT Solutions group, achieving significant growth and implementing Digital Transformation initiatives, Advanced Analytics, and Internet of Things capabilities for major OEMs in the Transportation, Industrial, and Manufacturing sectors. Prior to that, Mike held leadership positions at Cummins, where he directed Financial Systems Transformation and Enterprise Business Analytics, and at Boeing, where he worked in finance, manufacturing, and supply chain, including serving as the Finance Systems Leader for the Boeing 787 Airplane Program.
With a strong background in IT and extensive experience in driving organizational change, Mike has successfully led global initiatives, including finance systems implementations and enterprise business intelligence projects. He has also been involved in various community organizations and has received recognition for his contributions, including being named Volunteer of the Year by the United Way of Bartholomew County. Mike holds bachelor’s degrees in Finance and Marketing from Eastern Washington University and a Master’s in Technology Management from the University of Washington. He resides in Columbus, Indiana with his wife and two sons.
[00:00:00] – Hold on tight as we dive deep into the essentials of enterprise risk management!
[00:00:37] – Status Go: The home for IT movers and shakers ready to accelerate their strategy.
[00:00:54] – Unveiling a fresh, savvy approach to navigate the complexities of enterprise risks.
[00:02:12] – Kickstarting a dynamic conversation about leadership, technology, and success in the modern era.
[00:03:19] – Amplifying the value of technology in mergers, acquisitions, and everyday business decisions.
[00:05:34] – Overpaying in acquisitions? Discover how to sidestep this trap with meticulous IT due diligence!
[00:06:58] – Purchase price pitfalls: A candid talk on examining assumptions and not getting numbers twisted.
[00:09:11] – Charting the vital collaboration between IT and M&A teams for seamless corporate integration.
[00:10:56] – Going beyond risk lists: An inside look into making enterprise risk management more impactful.
[00:12:41] – Exploring how a robust ERM framework unifies a company and fosters risk-aware cultures.
[00:13:34] – The strategic dance of CIOs and CTOs with enterprise risk managers for organizational leaps forward.
[00:15:13] – The spotlight on technology as a mission-critical factor driving corporate value and investor confidence.
[00:16:51] – Fostering a corporate culture where diversity of thought flourishes and risks are openly addressed.
[00:18:24] – Adjusting the sails in risk management: From theoretical lists to actionable, informed data delivery.
[00:20:36] – Detecting cultural red flags in engagement and advocating for open discussions on enterprise risks.
[00:24:14] – Fueling the decision-making engine with speed, data, and robust internal support systems.
[00:26:42] – The sheer power of mock drills and building ‘crisis muscle memory’ for disaster preparedness.
[00:28:21] – Captivating IT simulations go mainstream: Why tabletop exercises are now a business-wide practice.
[00:30:07] – A clarion call to action: Engage in critical go/no-go discussions and arm leaders with the right data.
[00:32:17] – Wrapping up with actionable insights: Empower your team for future-proof decision making in tech.
[00:33:59] – Don’t miss a beat; subscribe to Status Go for your weekly dose of tech transformation tales!
[00:35:39] – Want more juicy tidbits on risk-taking and tech triumphs? Tap into our community conversations.
[00:38:16] – Closing the loop: An enthusiastic reminder to join us again and stay ahead in the tech game.
Johan Nystedt [00:00:00]:
ERM, really shines when ERM, really focuses on the first letter of ERM, which is enterprise. ERM, kind of binds the company together, provides the glue between the different business functions, and provides a forum where speaking about risks and concerns and opportunities is not only accepted, but a forum where it’s expected and encouraged.
Voice Over – Ben Miller [00:00:36]:
Technology is transforming how we think, how we lead and how we win. From InterVision, this is Status Go, the show, helping IT leaders move beyond the status quo, master their craft and propel their IT vision.
Jeff Ton [00:00:53]:
Welcome to Status Go. I’m your host, Jeff Ton. In this digital age, CIOs and CTOs are being asked to move faster and faster. In fact, businesses overall are moving at an exponential pace compared to just a few years ago. When moving at such a frenetic pace, we don’t always stop to ask the question, “Should we be doing this?” Whether it’s a go/no go decision on a project, a more costly go/no go decision on a merger or acquisition, or even ethical questions of some corporate decisions. As any race car driver will tell you, to drive fast, you need good brakes.
As a CTO or a CIO, have you considered your relationship with the enterprise risk manager at your organization? ERM, goes well beyond cybersecurity. What about M&A activity? Are you brought in during the dating process or are you an afterthought after the marriage? What is your involvement with investor relations? Does it go beyond a cybersecurity report to the board periodically? Today on Status Go, we’re going to be talking with Mike King, the CEO of Daxeos, and Johann Nystedt, president of Nystedt Enterprise Solutions, an expert in enterprise risk, investor relations, and M&A.
Together, we are going to unpack the relationship you need to have with the leaders of those programs in your organization!
Gentlemen, welcome to Status Go.
Mike King [00:02:42]:
Great, Jeff. I’m glad.
Johan Nystedt [00:02:44]:
Thank you very much.
Jeff Ton [00:02:45]:
All right, let’s start with a little bit about your background. Mike, I know you have been a guest here on Status Go, gosh, a couple of times in 2023, I think, and maybe back into 2022, but could you share a little about your background? And then, Johan, I’ll have you share your background as well.
Mike King [00:03:06]:
No, thanks, Jeff. Yeah. Mike King from LHP and Daxeos. We’re an engineering technology company specializing in everything from embedded systems to digital transformation. Started my career at Boeing a long time ago as the performance analyst for wing manufacturing, where data was of high priority. Spent about 18 years in every kind of role, manufacturing, finance, supply chain and then spent about seven or eight years out of here at Cummins, leading their financial systems and their enterprise analytics before moving to the consulting world.
Jeff Ton [00:03:52]:
Awesome. And I know in the past you loved to say that your job at Boeing was to make sure the wings stayed on the airplane. That took on a whole new meaning in the past week or so.
Mike King [00:04:03]:
It does. That’s why some of this kind of hits home. I mean, when your job is to make sure that wing stays on.
Jeff Ton [00:04:08]:
Mike King [00:04:11]:
A lot of tough questions, but also, you better be ready with the data to show. Yeah, it’s a good place.
Jeff Ton [00:04:21]:
We will dive into that for sure. Not that we’re going to unpack any specific businesses today, but we’re going to talk in general about that now.
Johan, I know your background. We went through that when you and I first met the other day. An incredible background. Could you share just a high level, a little bit about your background and how you came to be doing what you’re doing these days?
Johan Nystedt [00:04:49]:
Would be happy to do so. So, my name is Johan Nystedt, and back in 2022, I founded a consulting business called Nystedt Enterprise Solutions that really focuses in on what we call enterprise risk management, which essentially is what it says. It’s really risk management, but for the enterprise as a whole. So, we focus on the very top priorities and top risks facing an organization. Prior to that, I worked in different capacities, such as being the chief risk officer, M&A, investor relations or treasury, at companies such as RR Donnelley in Chicago, Levi Strauss in San Francisco, Conagra brands in Chicago, Kraft, and Altria in New York.
Jeff Ton [00:05:45]:
So some big brands, some really big, you know, Levi Strauss. With the football playoffs underway, we’re going to be hearing that name quite a bit since they put their name on that stadium out there.
Well, Mike, you and I were chatting the other day, and you brought this idea for this conversation up with me, and I thought our listeners would really benefit from talking about these concepts, these relationships. But could you talk just a little bit, set the context for us? What’s leading you to be thinking about this?
Mike King [00:06:23]:
Well, it seems like every day, every week we see a company announcement. Something bad happened, right? Whether it’s one of those robotaxis in San Francisco kind of running over somebody, or this last week we had announcements from both Cummins and Boeing on just some really bad news.
Jeff Ton [00:06:46]:
Mike King [00:06:48]:
And this is not to litigate or armchair quarterback kind of the situation, but in these great companies, I start thinking about engineers. Just don’t go rogue. Right. It just doesn’t happen. And so what’s going on inside the company? But more importantly, back to what you and I talk a lot about, is this isn’t just an engineering issue or a technical. It’s also a people. So I’m like, know, where is internal audit? Where is the CTO in this thing? Where is the board? Is it just that they’re trying to push the envelope on technology, or is there something else there? And so that kind of got me thinking. And as I started thinking about who I want to talk to, first thing, I reached out to Johan, because he and I talk a lot about the role of ERM and digital transformation, how it’s kind of two sides of the same coin.
How do we use data to get visibility to the corporate leadership? How does corporate leadership have line of sight? Are they managing the risk? Do they have the right data…that type stuff? And then our conversations, Jeff, about the emerging role of the CIO and CTO, this convergence and expectation and CIOs are no longer to their back office. They are critical path now and part of some big decision making. So that kind of got it going. And as know in all the headlines, this is a great opportunity, kind of a lesson learn, unpack. And with you guys, with your experience, you’ve seen it from different angles. Thought it would make a good topic for the Status Go audience in particular, who’s kind of living this on it every day, is kind of talk about things and really get people thinking about it.
Jeff Ton [00:08:49]:
Well, Johan, I want to bring you in on this because a lot of our listeners are chief information officers. Chief technology officers. They’re running the IT systems in a lot of cases. Where does their role intersect with the Enterprise Risk Manager, or, I know you’ve done investor relations and M&A kind of at the high level. Where does that intersection begin?
Johan Nystedt [00:09:21]:
Yeah, well, it’s very all-encompassing, especially nowadays. Not only is technology and information technology mission critical, I think at most, if not all companies, but also increasingly, when you look at investors and investor relations, the information technology strategy of a company really helps determine the value of a business. So, it’s not only that it is a passive function, it’s also very much a value enhancing function, and that needs to be communicated to the investment community if we are trying to enable full value creation of a business. Right. I mean, take, for example, a public company. If you want the share price to reflect your strategy that nowadays probably always includes a technology strategy behind it, then to kind of unlock and unleash that value, it needs to be clearly communicated. The dirty little secret is, I think that sometimes a lot of leadership within a company are not fully averse and conversant on what that strategy is. So, I think it’s imperative for technology and chief technology officers, CIOs, to be well-connected with investor relations and the overall leadership team in order for us to be able to communicate these important strategies.
And that’s really where enterprise risk management can come in to kind of help bring the right people together to speak about not only risks, but also about opportunities that oftentimes obviously reflect what’s going on in it.
Jeff Ton [00:11:16]:
Well, I loved your line the other day so much, and I stole it for my introduction. To drive fast, you have to have good brakes, and I think we forget that a lot in business. And, Mike, I think you said this perhaps the other day when we were chatting. Sometimes the culture is lean in. And what does exactly does lean in mean? Does it mean go with the majority, or are you free to speak your voice?
You’re a CEO. How do you make sure that everybody has a voice and everybody, even if it’s the dissenting voice, is heard?
Mike King [00:12:00]:
And that’s probably the toughest thing, because we’re all now competing on data, we’re competing on new technology. We’re trying to create what doesn’t exist and go fast and really lead that charge. The challenge, and I think we talked about it, is, again, you look back at some of these pretty spectacular failures we’re reading about, is, where was the dissenting voice? If the math doesn’t get better by sharpening your pencils, is it real data? I know what I do, but also what we help other companies do, and throughout their career, is that airplane has to fly, it has to work. It just can’t throw it out there because the date says, or because we got a schedule on the calendar or whatever. And so what I try to do is make sure that I have the dissenting voice, because I’m very much get to the finish line as fast as I can. I need the pessimists around me. I need the folks that can, again, bring the brakes if I can’t, and then empower them. You put the brakes on when I won’t kind of a thing.
And I think that’s kind of where we was talking about, is these things don’t happen in a vacuum in a company. And so what’s keeping that voice from being heard?
Jeff Ton [00:13:38]:
Mike King [00:13:39]:
And I think, even if you’re the best at it, you succeed every day. You’re always worried about, am I getting the right data? Am I seeing it. Am I rounding everything to the positive versus really slowing down and kind of defending the negative?
Jeff Ton [00:14:02]:
So, Johan, from your perspective, you’ve served in these roles in multiple organizations. How does a CIO or a CTO begin to build a relationship with those in enterprise risk? I know I, for one, have worked in, I don’t know, a half dozen organizations throughout my career, from 60,000 employee global organization to an organization of 50. In that large organization, I couldn’t even have told you who was in charge of ERM. So how do I begin to build that relationship?
Johan Nystedt [00:14:47]:
Yeah, so when, ERM really shines is when, ERM, enterprise risk management really focuses on the first letter of ERM, which is enterprise. It is something that we do not do. A vacuum. Michael mentioned, talked a little bit about earlier about how do you get the voice heard in a vacuum? You don’t get the voice heard in a vacuum. If the approach to business strategy is siloed, that is where ERM comes in. ERM, kind of binds the company together, provides the glue between the different business functions, and provides a forum where speaking about risks and concerns and opportunities is not only accepted, but a forum where it’s expected and encouraged. So when you get the right people together from different disciplines, preferably from different walks of life with different perspectives, and you provide a forum where it’s encouraged to put out the elephant in the room, to speak about risks the way we see them. That’s when you put the type of brakes on that car that makes it no longer reckless to have a strong engine and use it, but actually something that can drive business.
Jeff Ton [00:16:14]:
So, Mike, at your organization, do you have an ERM function, or is it. I’m not exactly sure the size of your company, but I think it’s fairly small. Do you have an ERM function, or do multiple people wear that hat?
Mike King [00:16:34]:
We don’t have a formally, in terms of a role, our chief operating officer plays that.
Jeff Ton [00:16:40]:
Mike King [00:16:40]:
And again, because we’re dealing with other companies’ engineering or their data, we have standards that we must adhere to but we also are open to audits from our customers. And I think that’s part of the gig, is that trust, that risk management. A lot of times we’re being hired by companies to be that voice in the room of not, “What do you want to hear?” Here’s what you need to hear. Here’s what’s going to get you fired that you don’t know as well as Johan and I talk a lot about this need for data. These technology decisions are now being made at the C-suite level. Many of them are not engineers. So a lot of our efforts are around.
How do we get them the data they need, unfiltered but structured so that they are making wise decisions? They do have line of sight. So this is oftentimes what we talk to companies about is embedded software is a risk to your company. If you don’t know what you’re doing right, or if you don’t think about it as one large architecture, how does it all come together? Because it’s those gaps. It’s the speeds and feeds of the organization that oftentimes create these misses. And without that ability to see top down, bottom up, these things are going to just keep happening. You’re going to have a hole in the side of your airplane on the next day at work kind of stuff. And that’s why we kind of reached out to you for this podcast, is this could happen to anybody.
It isn’t just because they’re an airplane company or this or that. Every one of us are going to walk into our job and something like this could happen. Oh, yeah. And so then it’s like, so what do you do? What do you look at? How do you learn from it? What do you need to be putting in place or strengthening to ensure that you are getting as good of a picture as you can?
Jeff Ton [00:18:45]:
Johan, when you engage with a company, what are some of the telltale signs that you look for that tell you we’re not quite there? On building this culture, what things are you looking for?
Johan Nystedt [00:19:02]:
Yeah, two things that come to mind. So, enterprise risk management, unfortunately, oftentimes is an exercise in enterprise list management. Instead of risk management, somebody walks into the boardroom and speaks to the board about, here are the 200 risks that we are facing, and yet there has no depth surrounding those risks because how can you possibly have any depth if it’s 200 of them? Right? So that would be a telltale sign. When you don’t prioritize, when you don’t boil down the risks enough ton be very cleared eyed about what are the risks that are big enough and important enough that can happen with some type of level of likelihood that is probable enough to really put this on our radar screen, and then not only just to identify these risks, these top risks, but to really do something about them, to create clear risk management action plans with clear deliverables and holding people accountable for those deliverables, to make sure that we action into the direction that we are trying to take as a business. In my world, risk is not really a four-letter word in that it’s not necessarily a bad thing. No risk, no return. Right. But let’s be risk smart and risk-aware instead of risk ignorant or risk averse.
I think that’s really what kind of the new level of enterprise risk management, the new discipline tries to put in place is to go from a enterprise list management to real risk management, and b) to make risk be something that is not necessarily inherently bad. We need some risk because otherwise, last time I checked, we won’t have any return. But let’s make sure that we embrace the types of risks that provide high-risk adjusted returns and try to stay away or mitigate risks that are just not compensated.
Jeff Ton [00:21:33]:
So it’s taking educated risks where you’ve really unpacked them and you understand the risk, not blindly going full speed ahead. It’s like, yes, we see that risk, we understand it, we’ve dissected it. Now we’re going to move forward. Am I getting that right?
Johan Nystedt [00:21:52]:
Yeah. For forward companies nowadays, risk management is really about risk portfolio management, where we say these are the risks that are really, or initiatives. Right. The risk and initiative, same thing. Every initiative, like an M&A initiative, a restructuring initiative, whatever decisions we make are always going to involve some risks. And recognizing that, let’s try to make the risks that really matter, the risks that are core to our business, and also clearly identify what is not core to our business, maybe core to somebody else. Like for example, just take a financial risk like currency risk. Well, for most industrial companies, currency risk-taking may not be core to their business.
It’s just an annoyance or a nuisance. It’s a noise that needs to be explained to investors when it goes against our interest. So oftentimes these type of risks that are not court to us but core to somebody else can be mitigated or hedged or sold off. So let’s make sure that we mitigate risks we don’t need or we don’t want to free up spare capacity for risk for us to take the type of strategic initiatives that we are seeking.
Jeff Ton [00:23:19]:
One of the things that we talked on the other day, and we’ve touched on it here a little bit, is one area where risk really comes to the forefront is in M&A, merger and acquisition activity within a company, because you’re really bringing two cultures together. Right. And a lot of times, I know from my experience being a part of several mergers and acquisitions over the years, as the head of IT, I was usually brought in, at the very least, the LOI has been signed. Right. And it might have even gone further than that. There may have actually been an announcement, and now it’s like, okay, can you figure out what we just bought? Let’s go look at their IT systems, and how are we going to bring them together? It’s after the fact.
How do you bring this culture, this knowledge of risk, to the M&A world, the M&A space, and make sure that all of the disciplines. Yes, it it also HR and all the rest of them are brought in at the beginning. How do you counsel your clients to do that? Johan?
Johan Nystedt [00:24:44]:
Yeah, I mean, the cost of managing M&A in the old-fashioned siloed type of approach is just too high nowadays. I mean, technology can no longer be an afterthought. Technology and other disciplines as well, supply chain, for example, are so key to most businesses that they cannot be ignored. And in fact, in M&A, especially when you are pursuing some type of auction process, right, where you compete with other companies in trying to win, have the winning bid for an acquisition, which kind of means you’re going to push the envelope a lot. A bit, especially in these type of situations where everybody is trying to push the envelope to win, you really have to be careful about the potential for the winner’s curse, which is that you either overpaid and or are not able to kind of deliver upon the synergies that you essentially assumed as part and parcel of the acquisition itself. So when it comes to technology, for example, CIOs and CTOs are very much impacted by M&A. Right, because now you go from an environment that you probably know something about your own business to now have to fold in over time, at least this new business. And unless you know what you’re faced with and what that business looks like, and you have some type of understanding from the due diligence process, or you were involved early enough, you could kind of try to figure out what this is all about.
Unless you have that, how would you possibly know the cost it’s going to take to integrate this business you just acquired?
Jeff Ton [00:26:46]:
Well, when you think about that, a lot of times, maybe not all the time, but at least the ones I’ve been involved in, the financial motivation for the acquisition is the combination of those back-end systems, the integration of them, and the replacement of them. It’s a key part of making the numbers work.
Johan Nystedt [00:27:10]:
Yeah, unfortunately, sometimes we make the numbers work, but putting the assumptions in that make the numbers work. So that is one of the things I’m counseling my clients, try not to build the assumptions into. What do we have to believe to make this work? Let’s look at what do we really think, and is the purchase price worth it after we reflect upon those risks?
Mike King [00:27:34]:
Jeff Ton [00:27:36]:
Mike, I know you hang out with a bunch of us IT geeks a lot, the CIOs and the CTOs. I can kind of picture a couple of the folks that you and I both mutually know. Mike, this is all great, but if I went to my, ERM, guy, or if I went to my M&A woman that was in charge of M&A or I did this, they’d look at me like I have three heads. Right. Because all of a sudden, what’s the IT guy doing in my office?
Mike King [00:28:10]:
Wandering in the wrong hall. Yeah.
Jeff Ton [00:28:12]:
What message do you have for them in this conversation?
Mike King [00:28:16]:
Well, I think part of it is there’s a discipline here, whether especially for doing mergers and acquisitions or whatever, that the IT team, CIO’s organization, are experts at. Right. Just unpacking it. Here’s what we’ve got to do. And again, the CIO deals with a mess internally already, and so working together is how do we turn this into much more routine activity so we can go in, do the assessments, build the plan, turn it into just your normal kind of it. Onboarding, I think, is one. The second, I think, is probably the bigger is, do they have enough data? Does the M&A team, the, ERM, team, the corporate team, do they have the data they really need to make these decisions? And again, you think about what’s happening in Boeing and Cummins and other companies today, after they’re dealing with this mess, they’re going to get some data and the lawyers are going to get. So it’s like, how do we help them get the data before? How do we make it easier? What do they really need? How do we help them see what’s going on during the transition? So, again, they can be our advocates or the relationship to the board, really making sure that’s squared away before we go in, just like you would any other business partner of the CIO, because end of the day, this is about visibility.
You’re going to have bad news. Great. Can you see it? Are you all looking at the same data? So then, who’s got the dot? What do we do, right? Turn it into just a normal day at the office versus getting blindsided. Where did that thing come from? I think is the biggest thing. And then the third one is the CIO organization is probably one of those teams that has probably more boots on the ground, covers more of the company than an ERM ever would. And so do they have the organization internally that helps them see what’s going on, or that’s open for the contrarian to come in and say, this doesn’t look so good, and that at the end of the day, the CIO is a risk manager. Right? You’re making sure your compute, your network, your operations aren’t vulnerable. And so the CIO has to champion that risk voice, champion those folks that are kind of coming up saying, this doesn’t feel right.
What do I do? Where do I go and make sure that they are bringing that upstairs and just making sure, hey, we got to make the call, but make sure. Here are the risks, here’s the issues, right. Here’s what our plan is to get there and making sure, that’s all. Bringing forward, and again, what they’ll find. What I’ve found, just like reaching out to yourself and Johan, is those, ERM, folks, they’re looking for advocates, they’re looking for, know, half a dozen folks at most on a good day, they need the help of the CIO. And so oftentimes they are two folks that are joined at the hip already and need to be even closer. Yeah.
Jeff Ton [00:31:49]:
Johan, do you see that as well, that in most organizations, the person responsible for, ERM, feels kind of lonely because they don’t have the other members of the C-suite coming to them or building those relationships, or you feel like that lone wolf?
Johan Nystedt [00:32:14]:
A lot of times, yeah. I think it’s a very lonely place to be the enterprise risk management head that is engaged in all this confidential innovation. Best of thoughts may be great, but it doesn’t really matter much unless the E in ERM is widely understood. Right. This is an enterprise approach to risks and opportunities that is the opposite of a siloed approach to risk and opportunities. As far as I can tell, it’s impossible to measure enterprise-wide risks if risks are entirely managed in silos. So if, ERM, by itself is yet another silo, then I’m not sure that the e is very satisfied in ERM. Right. Because for it to really work at its best, for it to flourish, for it to be effective, it really needs to be an enterprise wide type of discipline.
What I’ve seen work pretty well is that when you try to build crisis muscle memory by maybe having kind of mock sessions, mock drills, before the disaster even happens, reality is, disasters are going to hit us from time to time. Some surprises are truly unpredictable, some are predictable, some are truly unpredictable. So what do you do? Well, if it’s a predictable surprise, you can start to prepare and you can try to have certain buffers in place, et cetera. But when you have something really unpredictable happen, it’s always kind of nice to fall back on training.
One of the things I’ve seen work out really well is mock drills. You kind of assume something happens and see how the management acts so that the management can fall back on that drill later on. Not to have to reinvent crisis initiative, taking in a vacuum, and all of a sudden, all the pressure is on. Another thing I’ve seen in M&A, we spoke about M&A a little bit, is when you have, like, A and B teams, you have one team that’s supposed to be favoring an acquisition or divestiture, and then you have the other team actively kind of being the devil’s advocate.
That tends to unveil some important insights sometimes.
Jeff Ton [00:34:45]:
I like the idea of the simulations because the IT leaders that are out there listening to us are used to those. We do those with disaster recovery tests, maybe even some information security cybersecurity tests. So we’re used to doing those tabletop exercises. I love expanding that into more common business issues, business questions. And the A and B team is a great way to do that.
Well, we’ve come to my favorite time in the program, guys, which is when I ask you for some actions that our listeners can do. So, Johan, I’m going to start with you. What are one or two things our listeners should do tomorrow? Because they listened to our conversation today.
Johan Nystedt [00:35:35]:
Yeah, I think the realization, if we can just take that additional step of migrating from enterprise list management to enterprise risk management, where we don’t only identify and prioritize the risks, but actually put in place plans to do something about it and then to communicate it out to both internal and external stakeholders, I think we are creating both brakes and a better engine in the vehicle we’re trying to drive.
Jeff Ton [00:36:10]:
I love that. And I love “go from enterprise list management to enterprise risk management,” because so many times, you’re right. It’s just a list.
Mike, how about you? What are one or two things our listeners should go do tomorrow because they listen to us today?
Mike King [00:36:27]:
Well, I think, first off, with their own teams, I think is a good time to have this kind of a conversation, particularly around things like go/no go decisions. Do we really allow no goes, or is it go or go again? Right. And making sure that as a leadership team, a technical team, we’re giving our teams the space and respect and expectation that there are no goes and there are goes, and making sure even a high-performing organization can always get better. And so having this kind of a conversation, I think, is probably the easiest and most effective thing.
The second is back upstairs. On our leadership team, we have these critical initiatives we’re leading. Do they really have the line of sight, the data they need at the speed that they need to ensure that they can make good decisions? And again, are they just leaning to the high side or are they looking at alternatives? So really looking at that data aspect and what can we do to make it better? You don’t want to show up with, go to work today and have an air hole on the side of your airplane or whatever your airplane needs ton be before you start saying, hey, we could probably use some more data to help us understand. Or we just crashed and burned on another merger because we just went for it.
Because no one really, and I think by doing those, and again, we use what we would call that enterprise list management was the list of future excuses, all the reasons why we could and couldn’t make plan. But those are going to mean anything. The organization needs to be behind it, the leadership team needs to own it. And you got to have the data top, ton, bottom to be able to deliver it. And that’s the job.
Jeff Ton [00:38:27]:
I love all those actions because I think those are all things that we can start taking those steps tomorrow on. I think it’s very actionable. Johan, Mike, thank you so much for spending time with us today and having this conversation here on status go. I really appreciate you carving out the time.
Mike King [00:38:47]:
Great. Thanks, Jeff.
Johan Nystedt [00:38:48]:
Thanks, Johan. Thank you, Michael.
Jeff Ton [00:38:51]:
To our listeners. If you have a question or want to learn more, visit intervision.com. The show notes will provide links and contact information. This is Jeff Tun for Mike King and Johann Nystedt. Thank you very much for listening.
Voice Over – Ben Miller [00:39:09]:
You’ve been listening to the Status Go podcast. You can subscribe on iTunes or get more information at intervision.com. If you’d like to contribute to the conversation, find InterVision on Facebook, LinkedIn or Twitter. Thank you for listening. Until next time.
Knowledge is power
Our experts have compiled research and recommendations to help you better understand threats, protection, and solutions.