The global financial crisis got Honeywell thinking about its approach to identifying, assessing and managing risk. While it had a structure in place, finance began to wonder if it was too strict--inhibiting the company's growth and shareholder value.
"We've got a complex organization, with about 120,000 employees and lots of different business models in the different industries we play in across more than 100 countries," says Kathleen Winters, corporate controller and vice president at Morristown, N.J.-based Honeywell. "Our complex global business activities continuously exposed us to risk. We needed a more comprehensive and integrated framework to pinpoint and analyze these risks to manage them more effectively."
Finance took on the job, developing and implementing a database that is fed answers to questions designed to unearth and analyze data about risks, data that's used to manage aggregate risk across the global organization.
The risk assessment process involves each business unit's operating and finance leadership teams, as well as the heads of functional departments like HR and legal. The teams examine the business impact of political, legal, operational, financial and many other risks, and prioritize each risk.
Although finance (more specifically, Winters) oversees this process, "we believe every employee here owns his or her own areas of risk," she says. "It is part of their job responsibilities to manage risk and identify any gaps in control, and part of our job to give them a structure and tools to do it."
Her group works with business units and functional areas to establish checks and balances to prevent excessive risk-taking. She also works with treasury to evaluate the cash impacts of risk, and with risk management to determine which exposures to transfer to third parties like insurers. "We've been able to demonstrate during the recession that we are a different company," Winters says, "one that is capable of improved business performance by effectively managing risk."