Feeds

Reputational risk

Without reputation, you have no business

  • alert
  • submit to reddit

Security for virtualized datacentres

Business reputation is established by gaining and retaining the confidence and trust of the stakeholders in the business: customers, suppliers and employees, as well as shareholders.

Reputation is gained over time. Sometimes business reputations may be gained over a short period of time but, more frequently, over the longer term by maintaining the trust and confidence of its stakeholders through benign and adverse economic cycles.

Business reputations are hard to win but quickly lost. Loss of confidence by any group of stakeholders can quickly lead to the decline of any enterprise, most strikingly in service businesses such as finance or professional services.

What is reputational risk?

It is a self-evident that reputation is important to any enterprise. Reputation may be an intangible but highly prized asset, often equated with the goodwill of the business. It is seen as a key source of competitive advantage. While the processes and procedures for managing reputational risk may differ, there is general agreement that reputational risk management is supported by "the plans, processes and practices, which engender and sustain the trust of all and each category of corporate stakeholder".

There are, however, contrasting, if not contradictory, views of where reputational risk should be positioned as a role in the business enterprise. For example, compare the following statements:

"Reputational risk is about getting everything else right", which roughly translates as "good reputational risk management is achieved by managing all other risks satisfactorily".

"Reputational risk is the starting point for all risks...if you have no reputation, you have no business," which roughly translates as "the management of all other risks is predicated on good reputational risk management".

How important is reputational risk?

Reputational risk is very important. For the majority of enterprises it is seen as the most critical risk, as reputation is becoming a key source of competitive advantage as products and services become less differentiated.

It is the one risk for which CEOs have direct and individual responsibility, though many other risks have reputational elements embedded in them. In a recent respondent programme on risk management by the Economist Intelligence Unit (EIU), it emerged as the highest ranking priority (52 per cent) above regulatory (41 per cent) and human capital (41 per cent) risks.

Changes in business practices arising from increasing governance, legal and regulatory influences have made companies more vulnerable to reputational damage. Equally, the power and intrusiveness of media and communications industries has intensified the focus on corporate reputations.

How should reputational risk be managed?

While the CEO may be directly responsible for the management of reputational risk, this is normally shared with the Board of Directors, while deploying a number of functions such as corporate communications in its day-to-day operational mode. Again, the recent EIU survey found that 62 per cent of companies interviewed stated that reputational risk was the most difficult risk to manage. Among the major challenges are categorisation and quantification of reputational risk.

There is, however, some consensus on the key elements of managing reputational risk:

  • Prompt and effective communication with all categories of stakeholder - shareholders, employees, customers and suppliers.
  • Strong and consistent enforcement of controls on governance, business and legal compliance.
  • Continuous monitoring of threats to reputation.
  • Ensuring ethical practice throughout the supply chains.
  • Establishment and continual updating of a crisis management plan and establishment of a crisis management team, empowered with specific power and authority.

Loss of reputation is systemic in nature. Once germinated, it is difficult to manage and eradicate and other elements of business begin to suffer. Re-establishing reputation takes a long time. Loss of reputation arises as a reaction to the failure of detailed processes and procedures in risk management, business continuity, consolidation and compliance.

Copyright © 2006, IT-Analysis.com

Security and trust: The backbone of doing business over the internet

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Why Oracle CEO Larry Ellison had to go ... Except he hasn't
Silicon Valley's veteran seadog in piratical Putin impression
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.