GRC Software - Managing Workforce Risk with Business Intelligence

21st Century business intelligence technology has the power to identify the differences between short-sighted decisions and effective enterprise management practices. The pressures brought on by uncertain economic times can cause painful budget adjustments. Companies, looking to downsize, must be prepared to document the reasons for intelligent staffing decisions. Good Governance demands that corporations seeking to reduce staff size must apply management due diligence frameworks to reduce the possibilities of successful lawsuits against them and to have the best chance to sustain excellent performance. Assembling the proper risk management documentation and aligning the proper organizational responsibilities are critical to managing a successful path. A well prepared Management Team will have an effective ERM Program that demonstrates effective workforce management practices in five areas: 1. Risk Monitoring of Staffing Impact Metrics 2. Top-Down Assessment of Workflow Risk Exposures 3. Staffing Census Documentation Analysis 4. Management oversight of Risk Identification Accountability 5. On-going employee communication of risk control responsibilities 1. Risk Monitoring of Staffing Impact Metrics Staff reduction decisions in the past often were executed through expedient top-down directives to reduce expense metrics. Three common practices were: 1) Hiring Freezes 2) Across-the board percentage reductions 3) Eliminating management positions. These decisions achieved short-term budget realignment, but they needlessly increased the risk to the business because of inadequate human capital impact analysis. This Business Intelligence report shows an example of staffing impact analysis. The ratio of Income to Staffing levels is one of the metrics that industry analysts monitor to assess competitiveness and evaluate management practices. This metric is a trigger for action to preserve the core value of the business. The new SAS 109 accounting standard expects financial statement auditors to identify whether inadequate or under qualified staffing levels may lead to operational errors, fraud and regulatory fines that can have a long-term impact on business reputation and affect the market value of the business. For Public companies, the financial impact of each of these risks can be quantified in 10k’s by industry analysts and management’s failure to adequately mitigate will likely lead to lower valuations. 2. Top-Down Assessment of Workflow Risk Exposures For Public companies, Workflow Process Risk Assessment documentation is created using the Public Company Accounting Oversight Board (PCAOB) Sarbanes – Oxley AS 5 guidelines to identify factors that affect audit testing decisions. As part of this process, companies are not only finding out what controls are being performed, how they are being performed and who performs them. Furthermore, the SEC through AS-5, has encouraged companies to weight and prioritize their risks. If done properly by capturing information in the proper framework, this work can be used for the additional purpose of staffing analysis... Specifically, two of the risk factors that are universally identified are the degree of change in staff performing internal controls and the degree of competence to perform risk controls. PCOAB – SEC RISK EVALUATION FACTORS This Top-down Risk Assessment analysis chart identifies areas for deeper review of performance responsibilities. In this example, there is a high degree of risk (H) in the intersection of the Client Credit Review and the Degree of Competence required. Business Intelligence process analysis reports on the next page show the Relationship Manager Position is performing these activities with manual controls. After confirming that Medium and High risk activities are identified, it is vital to marry this understanding with controls enhancements to mitigate the impact of any proposed staff reduction plans. Staff reductions in positions that perform manual controls are the activities that are most susceptible to risks. These are the areas in the workflow where functional leaders need to confirm that there are adequate staffing levels and skill competencies to perform forecasted transaction volume levels. The chart below shows the risks that have been identified and risk mitigation plans are in place. High staff turnover positions are focal points for I/T discussions of System investments to improve automation of preventative and detective controls that can reduce operational risks associated with staffing changes. 3. Staffing Census Documentation Analysis Staffing Census information is maintained by all companies who have Workers Compensation insurance to show the employee population in age and length of service brackets that are used to test premium accuracy. When Business Intelligence analysis is applied to this data it can be used as a foundation to present workforce risks and Human Capital management programs to the Human Resources and Compensation Committee of the Board. The chart below is an example of a Staffing Census Analysis for the total of active employees. This information is used as the starting point for “drilling-down” and assessing staffing capacity analysis for different job levels and occupational work functions in the organization, especially where positions are under consideration for downsizing. In addition, if there are significant numbers of employees in key positions who are approaching retirement, plans to mitigate the loss of their knowledge and skills needs to be reported to the Board. In the performance analysis example below, the North Division has filtered its census analysis on the work function for branch employees. Each point in the chart leads to Human Resources management decisions for training and staffing changes that will reduce performance risks. review performance for specific Positions. Drill-to-detail reports The Census review of terminated employees frames Human Capital analysis of staffing losses and replacement costs. The chart below leads to the evaluation of investments in hiring expense, training and benefit costs to maintain desired staffing levels. The Board has a corporate governance responsibility for assessing how staffing changes affect human capital valuation. Human capital asset analysis weights base salary and bonus expense by the hiring costs, training, office space requirements and benefits of employees. This analysis is prepared to assess external competitiveness in securing and retaining qualified employees for each major work function in the business plan. Staffing Census review is the factual foundation for leaders in Finance, Sales, Operations, I/T and other key functions to explain how workflow processes in their respective organizations are affected by retirements, terminations and staffing decisions. Senior Management has an obligation to present a staffing census analysis of terminated employees to the Board. When the Board understands the risks associated with downsizing, it is only then fully in a position to approve staffing plans from a Human Capital impact perspective. 4. Management Oversight of Risk Identification Accountability Business Intelligence analysis enables senior management and the Board to confirm that staffing plans have been reviewed and tested to reduce risks. The checklist below shows the drill-to-detail questions that should be examined and documented by the appropriate management leader. Each area in the check list leads to identifying how risk issues are being managed to reduce potential losses at specific points in the organization. The net result is that senior management is prepared to move business intelligence-based staffing plans forward with an aligned management team working with a common set of BI facts. Corporate governance check list of organization staffing plans review Activity All organization chart positions are documented Risk events have been identified that apply to position performance risks and results Risk Control activities have been assessed for high turnover positions General Ledger and related financial controls have been confirmed for terminated employees’ positions System Application access changes have been assessed for terminated employees Positions Manual controls gaps have been identified for processes where there are changes in staffing Regulatory Requirements impact has been assessed for terminated employees’ positions Policy Standards impact has been assessed for terminated employees’ positions Complete Management Accountability Human Resources Officer Chief Risk Officer Internal Auditor Chief Financial Officer Chief Information Officer Internal Auditor Chief Compliance Officer General Counsel 5. On-going Communication of Risk Management Responsibilities Risk Controls Position Reports can be generated from internal controls data to assure that risk assessment is imbedded in organization culture and employee communication practices. A BI-based Risk Control Position report supplements job description documentation at the points of greatest workflow processing vulnerability. It serves as an outline for managers’ discussions of Risk Control responsibilities with individual employees. This process closes the risk management loop to confirm there is effective management communication at key points in the organization. Position Documentation Complete Manager Communication with Employees Risk Management Goals Risk Control Activities General Ledger Account Impact System Application Access Controls Documentation Regulatory Standards Policy Standards Risk events and notification alert reporting thresholds are discussed Risk management responsibilities and control methods are discussed and evaluated General Ledger Account access and Segregation of Duties are confirmed I/T Application access rights are confirmed for work responsibilities Information requirements are confirmed for risk control responsibilities Controls activities for regulatory standards are confirmed Controls activities for regulatory standards are confirmed Each approved Position in the annual Staffing Plan should be backed by senior manager sign-off on Table of Organization documentation. This collective business intelligence report of all position responsibilities for risk monitoring and corresponding internal controls provides an integrated guide for enterprise risk management decision making and corporate governance. Conclusion Companies that have been making smart staffing decisions already have been collecting much of the information they need for effective corporate governance. What most have not done is to organize the information into an analytic framework structured for Enterprise Risk Management that aligns policies and programs with readily available business intelligence analysis tools. If done properly, the results highlight the cost-effective management of risk. When each piece of the staffing evaluation information is assigned to its proper place in a consolidated ERM Framework, the visibility that results gives senior management and the Board of Directors the ability to make the proper decisions and the confidence that they have fulfilled their fiduciary responsibilities for due diligence. This effort demonstrates good Corporate Governance. About The Author Dr. Richard Connelly focuses on driving high-value advisory services for the design and development of risk and performance management business intelligence systems, most notably with the Bank of New York. There, he helps guide the strategic application of business intelligence by extracting risk analysis information from daily securities transactions, and channeling key controls information to the desktops of responsible managers around the world. Connelly's career includes over 25 years of experience in planning and organizing business operations. Prior to co-founding BI International, he was a Senior Vice President of the Hay Group, and was responsible for leading the firm's strategy implementation consulting practice in the financial services industry sector. This included merger and acquisition implementation for banks, thrift institutions, and insurance companies. Assignments included work with the Federal Home Loan Bank Board, the (Resolution Trust Corporation), and the Saudi Arabian Monetary Authority (SAMA). Before the Hay Group, Connelly served at CIGNA/INA. There, he was INA Corporate Director for Organization Planning/Management Development and Vice President of Planning for CIGNA's Wholesale Insurance Group. Connelly was responsible for wholesale insurance business strategic planning, which included streamlining special risk, excess and surplus, and group insurance relationships with major global and national corporate relationships. Prior to that, he served as Group Executive for Human Resources in the Operations/Data Processing Division of Chase Manhattan Bank. His responsibilities included planning and implementing organization change to accommodate the introduction of new services and new computer systems that re-defined the conduct of commercial banking. Connelly is also the principal author of “The Multidimensional Manager: 24 Ways to Impact Your Bottom Line in 90 Days” and “The Multidimensional Organization” Connelly received a bachelor’s degree in International Relations from the University of Notre Dame. He holds a doctorate in organizational communications and management information systems from Michigan State University.