CHAPTER 6
Strategic Risk Management at the
LEGO Group
Integrating Strategy and Risk Management
MARK L. FRIGO
Director, Strategic Risk Management Lab, and Ledger & Quill Distinguished Professor of
Strategy and Leadership, DePaul University
HANS LÆSSØE
Senior Director of Strategic Risk Management, LEGO Group
H
ow can organizations manage strategic risks in a volatile and fast-paced business
environment? Many have started focusing their enterprise risk management (ERM)
programs on the critical strategic risks that can make or break a company. This effort is
being driven by requests from boards and other stakeholders and by the realization that a
systematic approach is needed and that it’s highly valuable to include strategic risk
management in ERM and to integrate risk management within the fabric of an
organization.
In this case1 we describe strategic risk management at the LEGO Group, which is based
on an initiative started in late 2006 and led by Hans Læssøe, senior direc- tor of strategic
risk management at LEGO System A/S. It’s also part of the con- tinuing work of the
Strategic Risk Management Lab at DePaul University, which is identifying and
developing leading practices in integrating risk management with strategy development
and strategy execution. This descriptive case provides a great example of integrating risk
management into the strategy development and strategy execution.
ABOUT THE LEGO GROUP
Headquartered in Billund, Denmark, the family owned LEGO Group has 12,500
employees worldwide and is the second-largest toy manufacturer in the world in terms of
sales. Its portfolio, which focuses on LEGO bricks, includes 25 product lines sold in
more than 130 countries. The name of the company is an abbreviation of the two Danish
words leg godt that mean “play well.” The LEGO Group began in 1932 in Denmark,
when Ole Kirk Kristiansen founded a small factory for making
www.it-ebooks.info
93
94 Implementing Enterprise Risk Management
wooden toys. Fifteen years later, he discovered that plastic was the ideal material for toy
production and bought the first injection molding machine in Denmark.
In 1949, the brick adventure started. Over the years, the LEGO Group per- fected the
brick, which is still the basis of the entire game and building system. Though there have
been small adjustments in shape, color, and design from time to time, today’s LEGO
bricks still fit bricks from 1958. The 2,400 different LEGO brick shapes are produced in
plants in Denmark, the Czech Republic, Hungary, and Mexico with the greatest of
precision and subjected to constant controls. There are more than 900 million different
ways of combining six eight-stud bricks of the same color.
THE LEGO GROUP STRATEGY
To understand strategic risk management at the LEGO Group, you need to under- stand
the company’s strategy. This is consistent with the first step in developing strategic risk
management in an organization: to understand the business strategy and the related risks
as described in the strategic risk assessment process.2
The LEGO Group’s mission is “Inspire and develop the builders of tomorrow.” Its vision
is “Inventing the future of play.” To help accomplish them, the company uses a growth
strategy and an innovation strategy.
r Growth strategy. The LEGO Group has chosen a strategy that’s based on a number of
growth drivers. One is to increase its market share in the United States. Many Americans
may think they buy a lot of LEGO products, but they buy only about a third of what
Germans buy, for example. Thus there are potential growth opportunities in the U.S.
market.
The LEGO Group also wants to increase market share in Eastern Europe, where the toy
market is growing very rapidly. In addition, it wants to invest in emerging markets, but
cautiously. The toy industry isn’t the first one to move into new, emerging markets, so
the LEGO Group will invest at appropriate levels and be ready for when those markets do
move. It will also expand direct-to-consumer activities (sales through LEGO-owned retail
stores), online sales, and online activities (such as online games for
r
children). Innovation strategy. On the product side, the LEGO Group focuses on creat-
ing innovative new products from concepts developed under the title “Obvi- ously
LEGO, never seen before.” The company plans to come up with such concepts every two
to three years. One of the latest examples is LEGO Games System, which consists of
family board games (a new way of playing with LEGO bricks) with a LEGO attitude of
changeability (obviously LEGO). The company also intends to expand LEGO Education,
its division that works with schools and kindergartens. And it will develop its digital
business as the difference between the physical world and the digital world becomes
more and more blurred and less and less relevant for children.
Now let’s look at the development of LEGO strategic risk management.
www.it-ebooks.info
STRATEGIC RISK MANAGEMENT AT THE LEGO GROUP 95
3
4 12 Active Risk &
Preparing for
Opportunity
Management Simulations
Enterprise Risk Monte Carlo Uncertainty
Planning (AROP)
Exhibit 6.1 Four Elements of Risk Management at the LEGO Group LEGO
STRATEGIC RISK MANAGEMENT
The LEGO Group developed risk management in four steps (numbered in the order in
which the steps were initiated) as shown in Exhibit 6.1:
r Step 1. Enterprise risk management was traditional ERM in which financial,
operational, hazard, and other risks were later supplemented by explicit
r
handling of strategic risks. Step 2. Monte Carlo simulations were added in 2008 to
understand the finan- cial performance volatility (which proved to be significant) and the
drivers behind it to integrate risk management into the budgeting and reporting processes.
During the past two years the use of Monte Carlo simulations was refined, as described
later in this chapter.
Those two steps were seen mostly as damage control. To get ahead of the deci- sion
process and have risk awareness impact future decisions as well, LEGO risk management
added:
r Step 3. Active risk and opportunity planning (AROP), where business projects go
through a systematic risk and opportunity process as part of preparing
r
the business case before final decisions about the projects are made. Step 4. Preparing
for uncertainty, where management tries to ensure that long- term strategies are relevant
for and resilient to future changes that may very well differ from those planned for.
Scenarios help them envision a set of different yet plausible futures to test the strategy for
resilience and relevance.
These last two steps were designed to move upstream—or get involved earlier in strategy
development and the strategic planning and implementation process.
Strategic Risk Management Lab Commentary
This four-step approach is a good illustration of how organizations can develop their risk
management capabilities and processes in incremental steps. It represents an example of
how to evolve beyond traditional ERM and integrate risk manage- ment into the strategic
decision making of an organization. This approach positions risk management as a valuecreating element of the strategic decision-making pro- cess and the strategy-execution
process.
In our research on high-performing companies, we’ve found that the LEGO Group, like
those companies, achieves sustainable high performance and creates
www.it-ebooks.info
96 Implementing Enterprise Risk Management
stakeholder value by consistently executing the strategic activities in the Return- Driven
Strategy framework (for example, the focus on innovating its offerings toward changing
customer needs) while co-creating value through its engagement platforms—that is, the
online community, including its My LEGO Network, which engages more than 400
million people and helps its product development process; see Venkat Ramaswamy and
Francis Gouillart, The Power of Co-Creation (Free Press 2010). Its strategic risk
management processes incorporate distinct elements of co- creation by engaging its
employees (internal stakeholders) throughout the strate- gic decision-making, planning,
and execution processes, as well as engaging exter- nal stakeholders (suppliers, partners,
customers). The LEGO Group’s approach is a good example of how an organization can
engage stakeholders in co-creating strategic risk/return management (see Mark L. Frigo
and Venkat Ramaswamy, “Co-Creating Strategic Risk-Return Management,” Strategic
Finance, May 2009).3
ENTERPRISE RISK MANAGEMENT (STEP 1)
The evolution of ERM toward strategic risk management is represented in Exhibit 6.2.
Strategic risk was missing from the ERM portfolio until 2006.
To fix this, based on his then 25 years of LEGO experience and a request from the CFO,
Hans Læssøe started looking at strategic risk management. “I was a cor- porate strategic
controller who had never heard the term until then,” he says. The company had embedded
risk management in its processes. Operational risk—minor disruptions—was handled by
planning and production. Employee health and safety was OHSAS 18001 certified.
Hazards were managed through explicit insurance pro- grams in close collaboration with
the company’s partners (insurance companies and brokers). Information technology (IT)
security risk was a defined functional area. Financial risk covered currencies and energy
hedging as well as credit risks. And legal was actively pursuing trademark violations as
well as document and contract management. But strategic risks weren’t handled
explicitly or systematically, so the CFO charged Hans with ensuring they would be from
then on. This became a full- time position in 2007, and Hans added one employee in 2009
and another in 2011.
Exhibit 6.2
The LEGO ERM Umbrella: Adding Strategic Risk
Legal
Financial
ERM
IT Security
Employee Safety
Hazard
Strategic
(added 2006)
Operational
www.it-ebooks.info
STRATEGIC RISK MANAGEMENT AT THE LEGO GROUP 97 Strategic
Management Lab Commentary
Risk
The 2006 situation is common. Even though strategic risks need to be integrated with risk
management, many organizations don’t explicitly assess and manage strategic risks
within strategic decision-making processes and strategy execution. A recent study by the
Corporate Executive Board found that strategic risks have the greatest negative impact on
enterprise value: “strategic risk caused 68 per- cent of severe market capitalization
declines.”4 But the LEGO Group’s approach shows how strategic risk management can
be a key to increasing the value of ERM within an organization. It also shows how
executive leadership from the CFO played an important role in the evolution of ERM as a
valuable management process. Finally, Hans came from the business side and had the
attributes neces- sary to lead the initiative: broad knowledge of the business and its core
strategies, strong relationships with directors and executive management, strong communication and facilitation skills, knowledge of the organization’s risks, and broad
acceptance and credibility across the organization. (For more, see Mark L. Frigo and
Richard J. Anderson, Embracing ERM: Practical Approaches for Getting Started, at
www.coso.org/guidance.htm, p. 4.)
Also, the risk owner concept at LEGO provides a good example of the impor- tance of
understanding who owns the risks as well as defining the role of risk man- agement in the
organization. The idea of “risk owners” was important to ensure action and
accountability. Hans’s charge was to develop strategic risk management and make sure
the LEGO Group had processes and capabilities in place to do this. But as senior director
of strategic risk management, Hans doesn’t own the risk. He can’t own the risk, because
this essentially would mean he would own the strategy, and each line of business owns
the pertinent strategic risks. Hans trains, leads, and drives line management to apply a
systematic process to deal with risk. The mis- sion of Hans’s strategic risk management
team is to “drive conscious choices.” This is just like budgeting functions: They don’t
earn the money or spend the money, but they support management to deliver on the
budget or compare performance against the budget.
MONTE CARLO SIMULATION (STEP 2)
In 2008, Hans introduced Monte Carlo simulation into the process. A mathemati- cian by
education (MSc in engineering), he started defining how Monte Carlo simulation could
be used in risk management. Now it’s being used for three areas:
1. Budget simulation. The business controllers were asked for their input about volatility,
which is combined with analyses based on past performance of budget accuracy.
Managers said this helped them understand the financial volatility, so it was part of the
financial and budget reporting in 2012. In fact, the first analyses directed top
management’s attention to a sales volatility that was known but that proved to be much
more significant than every- one intuitively believed. During the past two years, this
approach has been refined as described by Hans: “We actually stopped this. It was found
that
www.it-ebooks.info
98
Implementing Enterprise Risk Management
the volatility of the business is so significant that we have stopped budget- ing altogether,
as the process took a lot of effort—too little value as con- ditions changed. Today (2014)
we use an estimate process where a small team of lead controllers defines a preliminary
estimate for board of direc- tors discussions. In March (each year) we do a detailed
estimate on which we base KPIs, targets, bonus criteria, et cetera. Monthly, we then
update the estimate, and hence our financial planning process is more dynamic . . . and
we do not need the budget simulation anymore.”
2. Credit risk portfolio. The LEGO Group uses a similar approach to look at its credit risk
portfolio so it can have a more professional conversation with a credit risk insurance
partner.
3. Consolidation of risk exposure. You could multiply the probability and impact of each
risk and add the whole thing up. Risk management isn’t about aver- ages (if it were, no
one would take out an insurance policy on anything). With a Monte Carlo simulation, the
LEGO Group can calculate the 3 percent worst-case loss compared to budget and use that
to define risk appetite and risk report exposure vis-a`-vis this risk appetite, as shown in
Exhibit 6.3.
Risk Tolerance
As a privately held company, the LEGO Group can’t look at stock values, so it looks at
the amount of earnings the company is likely to lose compared to budget if the worst-case
combined scenarios happen. Not all risks will materialize in any one year, because some
of them are mutually exclusive; but a huge number may happen in any one year, as we
have seen during the global financial crisis. Hans
Net EaR
Company Risk Exposure (Gross and Net) Gross
Effect of mitigation
Exhibit 6.3 Monte Carlo Simulations and Risk Appetite at the LEGO Group
EaR
www.it-ebooks.info
3% of simulations
STRATEGIC RISK MANAGEMENT AT THE LEGO GROUP 99
computes a net earnings at risk (EaR), and corporate management and later the board of
directors use that net earnings at risk to define their risk tolerance. They have said that the
3 percent worst-case loss may not exceed a certain percentage of the planned earnings
(the percentage is not 100). That guides management toward understanding and sizing the
risk exposure. This process has helped the LEGO Group take more risks and be more
aggressive than it otherwise would have dared to be, and to grow faster than it otherwise
could have done.
Strategic Risk Management Lab Commentary
Risk tolerance is a difficult area for organizations to address. The approach used at the
LEGO Group provides a good example of deriving risk tolerance (the term LEGO uses
rather than risk appetite) in an actionable and systematic way. It also shows an approach
that fosters intelligent risk taking and that avoids being too risk averse while maintaining
discipline on the amount of risk undertaken. Hans has actually had cases where he
recommended taking on more risks to meet elusive targets. He uses an analogy to
communicate the idea of taking risks and not being too risk averse: “I used the (very
normal) traffic picture . . . ‘Guys, you are getting late for the party, yet you are still
cruising at 40 mph on the highway. Why not speed up to the 70 mph you are allowed to
drive—if that will more likely take you to the party in time?’”
What we’ve discussed so far is more or less damage control because it’s about managing
risks already taken by approving strategies and initiating busi- ness projects. Hans
decided he wanted to move beyond damage control and be more proactive so he could
create real value as a risk manager. He came up with a process he calls active risk and
opportunity planning (AROP) for business projects.
AROP: ACTIVE RISK ASSESSMENT OF BUSINESS
PROJECTS (STEP 3)
When the LEGO organization implements business projects of a defined minimum size
or level of complexity, it’s mandatory that the business case includes an explicit
definition and method of handling both risks and opportunities. Hans says that the LEGO
Group has created a supporting tool (a spreadsheet) with which to do this, and it differs
from the former approach to project risk management in several areas. Hans has the
following to say on each:
r Identification, “where we call upon more stakeholders, look at opportunities as well as
risks, and look at risks both to the project and from the project (i.e.,
r
potential project impact on the entire business system).” Assessment, “where we define
explicit scales and agree what ‘high’ means to avoid different people agreeing on an
impact being high without having a
r
shared understanding of the exposure.” Handling, “where we systematically assign risk
owners to ensure action and accountability and include the use of early warning
indicators, where these are relevant.”
www.it-ebooks.info
100
Implementing Enterprise Risk Management
r
rr
Reassessment, “where we explicitly define the net risk exposure to ensure that we have
an exposure we know we can accept, the reason being that we have seen people ignore
this step, and hence do too much or too little to a particular risk; here, we ask them to
deliberately address whether or not they can and will accept the residual risk—and know
what it is they accept. From time to time we see the individual risks being accepted, but
then, when we do the Monte Carlo simulation on the project (yes, we use it here as well),
we see that the likelihood of meeting the target is still too low—and more risk mitigation
or opportunity pursuit is called for and included in the project.” Follow-up, “where we
keep the risk portfolio of the project updated for gate and milestone sessions.”
Reporting, “which is done automatically and fully standardized based on the data.”
Common Language and Common Framework
The most important point is that the people who address and work with risks get a
systematic approach so they can use the same approach from Project A for Project B. The
one element that project managers really like is having the data in a database. They don’t
receive just a spreadsheet model. Data are entered into the spreadsheet as a database, and
all the required reporting on risk management is collected from that data, so project
managers don’t have to develop a report—they can just cut and paste from one of the
three reporting sheets that are embedded in the tool. All the reports are standardized.
That’s good for the project managers, but it’s also good for the people on the steering
committees because they now receive a standardized report on risks. They don’t have a
change between layouts of probability/impact risk maps or somebody comes up with
severity or whatever from project to project. Everyone has the same kind of formula, the
same way of doing it.
Strategic Risk Management Lab Commentary
The AROP process is a great example of integrating risk assessment in terms of upside
and downside risks in the strategic decision-making process. This balanced approach to
strategic risk management allows organizations to create more stake- holder value while
intelligently managing risk.
PREPARING FOR UNCERTAINTY: DEFINING AND
TESTING STRATEGIES (STEP 4)
To get further ahead in the decision process, the LEGO Group has added a system- atic
approach to defining and testing strategies. As Hans notes, “We are going one step
further upstream in the decision process with what we call ‘Prepare for Uncer- tainty.’
This is a strategy process, and we’re looking at the trends of the world. The industry is
moving; the world is moving quite rapidly. I just saw a presentation that indicated that the
changes the world will see between 2010 and 2020 will be somewhere between 10 and 80
times the changes the world saw in the twentieth century, compressed into a decade.”
www.it-ebooks.info
STRATEGIC RISK MANAGEMENT AT THE LEGO GROUP 101
He offers the following story to illustrate the forces of change the company is facing:
“My seven-year-old granddaughter came to me and asked, ‘Granddad, why do you have a
wire on your phone?’ She didn’t understand that. She’d never seen a wire on a phone
before. We need to address that level of change and do it proactively.”
Four Strategic Scenarios
A group of insightful staff people (Hans and a few from the Consumer Insight function)
defined a set of four strategic scenarios based on the well-documented megatrends
defined by the World Economic Forum in 2008 for the Davos meetings. Hans
commented:
“We presented and discussed these with senior management in 2009, prior to their
definition of 2015 strategies, to support that they would look at the poten- tial world of
2015 when defining strategies and not just extrapolate present-day conditions.
“Having done that, we then prepared to revisit each key strategy vis-a`-vis all four
scenarios to identify issues (i.e., risks and opportunities) for that particular strategy if the
world looks like this particular scenario.
“This list of issues is then addressed via a PAPA model whereby a strategic response is
defined and embedded in the strategy.
“This way, we believe that we have reasonably ensured our strategies will be relevant
if/when the world changes in other ways than we originally planned for.” During the past
two years, LEGO refined the process and used it actively, the reason being that the
original scenarios did in fact not lead to much explicit action. Today a scenario session is
a five-hour workshop where participants focus on one particular strategy (e.g., market
entry in China). The workshop is with the management team that owns the strategy and its implementation.
r The first hour they discuss and agree on two key drivers of uncertainty to their strategy
(the axes of the 2 × 2 scenarios). Hans’s team comes with a battery of potential drivers—
and they (after some discussion) end up with
r
two—leading to four quadrants of a 2 × 2 matrix. The next two hours the team
describes the four quadrants one at a time. First, they individually use Post-it notes to
write down descriptive elements or key success factors for the scenario (the Post-it
session is to avoid groupthink). Then they share their descriptions and discuss their way
into a reasonably
r
consistent image of that scenario, before they move on to the next. The fourth hour is
used to define strategic issues—again Post-it notes and sharing. Here they are diligently
coached to be aware that any issue may be an opportunity (if they choose to pursue this in
time). If they do not pursue this, it may become a risk, and if they still don’t do anything
and the risk materializes, it becomes a problem. The sharing process includes a prioriti-
r
zation discussion in LEGO’s PAPA model (see later in this chapter). The last hour
focuses first and foremost on actions to be taken. The team discusses and agrees on
explicitly “who is doing what by when” to ensure action on the issues that the team
members have themselves decided are important, likely, and fast moving.
www.it-ebooks.info
102 Implementing Enterprise Risk Management
The role of Hans’s team is to coach the process, including asking provocative questions
and ensuring that team members get out of their comfort zone (where the real world is).
The process is mandatory for business planning and strategy definition, and in 2013
Hans’s team was involved with doing 25 of these workshop sessions as the company
business plans were to be updated. Subsequently it was documented that 75 percent of
these business plans had taken on explicit actions on issues they had not seen prior to the
session—hence the value.
Hans explains, “Once we have decided on the strategy and defined what we’re going to
do, we test the strategy for resilience. We very simply take that particular strategy and,
together with the strategy owner, discuss: If this scenario happens, what will happen to
the strategy? Some of these issues will be highly probable, and some of them will be less
probable. Some of them will happen very fast; some others will happen very slowly. This
is where the PAPA model comes in.”
THE PAPA MODEL
When looking at the issues inspired by the scenarios, the LEGO Group uses what it calls
a Park, Adapt, Prepare, Act (PAPA) model, as shown in Exhibit 6.4. Hans explains:
r Park: “The slow things that have a low probability of happening, we park. We do not
r
forget about them.”
Adapt: “The slow things that we know will happen or are highly likely to happen, we
adapt to those trends. In our case, this is a lot around demo- graphics. We know
children’s play is changing, we know demographics are changing, and we know the
buying power between the different realms or the different parts of the world is changing.
Although we know chil- dren’s play is changing, we also know it does not happen fast.
So we adjust, systematically monitoring what direction it’s moving in and following that
r
trend.” Prepare: “The things that have a low probability of happening, but, if they do,
they materialize fast, we need to be prepared for this. In fact, this is where
Exhibit 6.4
LEGO’s PAPA Model
Overall Strategic Response
Prepare Act
Park
Low
Adapt
High
Likelihood
www.it-ebooks.info
Speed of Change Slow Fast
STRATEGIC RISK MANAGEMENT AT THE LEGO GROUP 103
we identify most of the risks that we need to put into our ERM risk database, make sure
that we have contingency plans for them, and apply early warn- ings and whatever
mitigation we can put in place to make sure that we can
r
cover these should they materialize, but they are not expected to.” Act: “Finally, we
have the high-probability and fast-moving things that we need to act on now in order to
make sure the strategy will be relevant. In our case, anything that has to do with the
concept of connectivity (i.e., mobile phones, Internet, that world)—if we can see it, we
move on it. We know that it is changing so fast, and it’s changing the way kids play. It’s
changing their concepts and their view of the world.”
Hans concludes, “This way, we have a kind of model of what we do, because we
shouldn’t, of course, be betting on every horse in the race. That’s not profitable, and it
isn’t even doable.”
Strategic Risk Management Lab Commentary
One of the challenges of risk management is to find ways to prioritize risks that make
business sense. The PAPA model provides a good example of a framework that can
prioritize risks and set the stage for the appropriate actions. Our research on highperformance companies (see Mark L. Frigo, “Return Driven: Lessons from High
Performance Companies,” and the book Driven: Business Strategy, Human Actions, and
the Creation of Wealth by Mark L. Frigo and Joel Litman) found that companies that
demonstrate sustainable high performance exhibit a “vigilance to forces of change” that
allows them to manage the threats and opportunities in the uncertainties and changes
better than other companies do.5 The approach used at LEGO is a great example of
embedding this vigilance to forces of change in its strat- egy development and strategy
execution processes. The scenario analysis approach used at LEGO provides an
engagement platform for engaging stakeholders in the risk management process.6
STATEGIC RISK MANAGEMENT RETURN ON
INVESTMENT
A great deal has happened in the LEGO Group’s approach to risk management based on
strong support from top management (always needed to develop pro- cesses and
methodologies) and a strong focus. They have demonstrated value from the efforts
they’ve made. They also have explicitly embedded risk management in most of the key
planning processes used to run the company:
r The Strategic Scenarios used in business planning r The LEGO Development
Process—includes Monte Carlo simulation of over- all project risk/opportunity
r
exposure
r
The Customer Business Planning Process—AROP in collaboration
Sales and Operations Planning Process—tactical scenarios
r
The
The Performance Management Process—bonuses based on results, not efforts
www.it-ebooks.info
104 Implementing Enterprise Risk Management
“All of this has worked,” Hans says. “Based on actual data, we have had a 20 percent
average growth from the period between 2006 and 2010 in a market that barely grows 2
percent and 3 percent a year. It has continued so 2006 to 2012 has a cumulative annual
growth rate of 20 percent, leading to a tripling of the size of the company based on
official public data. Beyond that, our profitability has developed quite significantly as
well. We’ve grown from a 17 percent return on sales in 2006 to 34 percent return on sales
in 2012. And it goes beyond that. If you go back a couple more years, in 2004 we were in
dire straits and had a negative return on sales of 15 percent. We changed a number of
strategies.
“Risk management is not the driver of these changes,” Hans continues. “I’m not even
sure it’s a big part. But it’s one part. It’s a part that has allowed us to take bigger risks and
make bigger investments than we otherwise would have seen. The Monte Carlo
simulation has shown us what the uncertainty is and was a key element of changing the
financial planning process to a more dynamic estimation approach. The risk tolerance has
shown us how much risk we are prepared to take, between the board of directors and the
corporate management team. This has meant that we have been prepared to make bigger
supply chain investments than we otherwise would have done and have been able to
achieve bigger growth than we ever imagined we could have.”
Strategic Risk Management Lab Commentary
The development of strategic risk management at the LEGO Group provides a great
example of how organizations can develop their ERM programs to incorpo- rate strategic
risk and make strategic risk management a discipline and core com- petency within. One
of the key elements was integration. During discussions with LEGO management, when
Hans was asked about the ongoing development of risk management at the LEGO Group,
he replied that it was “naturally integrated.” It is this integration of risk management in
strategy and strategy execution, and the integration of strategy in risk management, that
can elevate the value of ERM in an organization.
CONCLUSION
We want to emphasize that risk management is not about risk aversion. If, or rather when,
you want or need to take bigger chances than your competitors— and get away with it
(succeed)—you need to be better prepared. The fastest race cars in the world have the
best brakes and the best steering to enable them to be driven faster, not slower. Risk
management should enable organizations to take the risks necessary to grow and create
value. To quote racing legend Mario Andretti: “If everything’s under control, you’re
going too slow.” The approach and philoso- phy described in this case are reflected in the
mission of the strategic risk manage- ment team at the LEGO Group to “drive conscious
choices.”
Purchase answer to see full
attachment