Example of consequence types linked to success dimensions

Consequence types linked to unique purpose success dimensions Consequence types linked to ‘other’ success dimensions Consequence types not linked to success dimensions

What to read first: Risk consequences and enterprise success

This table shows possible success dimensions and consequence types for a hypothetical government organisation. The unique purpose of that government organisation is to provide specified services to eligible individuals at government expense.

The consequence types would be expanded with consequence levels, but this article is wholly about the types. The levels are not shown.

Unique purpose success dimensions

Jump to ‘other’ success dimensions Consequence types not linked to success dimensions

Success dimensions

Consequence types

Typical negative consequence

Provide specified services to eligible individuals at government expense

1. Extent to which eligible individuals receive their correct entitlement.

Service not provided to eligible individual.

2. Extent to which services are limited to eligible individuals, and are limited to the legislated entitlement.

Service provided to ineligible individual, or provided in excess of legislated entitlement.

Monitor outcomes from providing the service

3. Ability to demonstrate community benefits beyond the service itself.

Failure to demonstrate real community benefits.
OR
The organisation fails to advise the Government in good time that expected community benefits are not being achieved.

4. Level of evidence that potential unwanted effects of the service provision are limited and acceptable (to the elected Government).

Unwanted effects of service provision, with or without detection and reporting.

Limit unwanted effects from providing the service

5. Extent to which service delivery is designed to minimise unwanted effects.

Avoidable unwanted effects from service delivery (such as disruption of existing successful service providers).

Other success dimensions

Success dimensions

Consequence types

Typical negative consequence

Maintain community confidence in the organisation, and in the government as a whole

6. Level of compliance with sensitive legal requirements, such as privacy guarantees and integrity rules.

Breaches of sensitive legal requirements, e.g. privacy guarantees; actual corruption.

7. Extent to which public profile and communications and support community confidence.

Damage to public profile and credibility.

Keep spending in line with government intentions and legislated approvals

8. Alignment of actual spending with government intentions and expectations.

Overspend without adequate justification and warning.
OR
Inappropriate spending.

9. Containment of spending within legislated approvals.

Over-spend against legislated approval.

Operate efficiently and economically over the long run

10. Whether administrative unit costs are competitive and within justifiable levels.

Administrative unit costs unjustifiably high.

11. Capacity to operate efficiently in future, even if services expand.

Loss of capability to meet future service demands efficiently.

Comply with government-wide policies

12. Extent of compliance with all government-wide policies (citizen privacy, procurement, employment practices, etc.).

Breaches of government-wide policies.

Exemplary record in health and safety

13. Prevention of injuries or illnesses resulting from the organisation’s activities.

Injuries or illnesses resulting from the organisation’s activities.

14. Demonstrated better health and safety practices.

Breaches of health and safety standards.

Example of consequence types not linked to success dimensions

For comparison, here’s an example based on Sobel & Reding, Figure 5.5 (for a commercial organisation). As each consequence type (‘Impact category’) is just one word, the impact levels are also shown.

Impact category

Impact level

Insignificant

Minor

Moderate

Major

Catastrophic

Financial

< $1m

$1m-$10m

$10m-$50m

> $50m

> $1b

Reputation

No noticeable impact.

Modest damage that requires some expenditure of resources to remediate.

Damage that makes it challenging to achieve at least one objective in the short term.

Significant damage that makes it difficult to achieve one or more business objectives.

Irreparable damage that threatens the organisation’s viability.

Safety

Minor injuries that result in no lost time.

Physical harm that may cause short-term absence from the workplace.

Physical harm that may cause extended absence from the workplace.

Life threatening injuries to employees, visitors, or innocent people in the community.

Fatality(ies) of employees, visitors, or innocent people in the community.

The words in this example are taken verbatim from Sobel & Reding. Please be kind to Sobel & Reding by understanding that this table is an example, which does not claim to be fit for real-world application. I know you can see problems in the detail, such as vague adjectives without objective measures, but they are not relevant to the core question in this post. It is more relevant that the three impact categories in the example are meant to be extended, but do not include anything that represents directly the unique purpose of the enterprise, nor any vision of enterprise success. Sobel & Reding do a commendably deep dive into objectives in Chapter 2, but I don’t see the link with the impact table.

Reference

Sobel, Paul and Reding, Kurt (2012) Enterprise risk management: achieving and sustaining success. Altamonte Springs, Florida: Institute of Internal Auditors Research Foundation (IIARF). This book is a major source for the CRMA Study Guide, available from the same IIARF bookstore.

Leave a Reply

Your email address will not be published.

Comments are moderated from a sea of spam, so may not be published immediately. Email contact may get a quicker response.