Transitioning to the “new reality”: From crisis reaction to active success

During this time of crisis, leaders from SMEs to large corporates are having to navigate unchartered waters and an unprecedented business landscape. Decisions ranging from the wellbeing of people to business continuity, long-term sustainability, and strategic adjustment of the business model are having to be made quickly for a future fraught with uncertainty. According to Business for South Africa (B4SA), SA’s GDP is expected to decline by between 10% and 17% in 2020 with between a million and four million formal and informal sector jobs at risk.  Entire supply chains are being disrupted and consumer spending will reduce at a rate not seen in a century.

Procursus and Turricula have developed a Covid-19 Business Response Framework that will help your company transition to the new reality in a structured and focused manner, moving from crisis reaction to actively achieving success. The framework provides a roadmap that enables stakeholders in key leadership roles to Act swiftly and pragmatically in response to the crisis, stabilise and Restore business operations, and position your business to Flourish in the post-pandemic new reality.

Act with Urgency

It is necessary to act urgently, with your optimised ‘Crisis Command Centre’ addressing the landscape changing every day with different Government directives, supply chain crises, and evolving clients. You need to continue to activate and adapt your business continuity and crisis management plans and perform robust business impact assessments to determine the critical areas in your business that are being triggered by the crisis. At the same time, stringent health and safety protocols must be implemented to ensure people wellbeing, financial metrics like cash flow and liquidity constantly recalibrated, business operations stabilised, new regulatory compliance requirements identified, and assurance activities repurposed to ensure governance, risk management, and controls are not overlooked or compromised during this time of crisis.

Restore Business Operations

Having stabilised your business, established protocols to manage the organisation through the pandemic, and enhanced your governance and internal controls, your business will be in a position to rapidly transition to the next stage of restoring and optimising operations. Operational capability and supply chains will be rebuilt and reconfigured, pre-existing revenue streams may be recovered or replaced by new revenue streams, and the organisation’s new ways of working reviewed in light of the changes to workspaces and virtualisation. Business solutions and information technology infrastructure, such as cloud computing, will require updating and modernisation, and enhancement of customer-facing digital solutions will need to be accelerated.

Position to Flourish

With the business restored and positioned to exceed pre-pandemic levels and having adapted to a new way of working, your company will be ready to seek out value opportunities and flourish in the new reality. The business model will be refreshed in the context of the strategy and environment, and a more agile operating model adopted. Opportunities arising from the crisis and business disruptions will present themselves and should be seized upon. The supply chain infrastructure must be optimized and opportunities to take costs and friction out of the supply chain and improve its resilience should be identified and acted on. A sustainable growth strategy should evolve, raising opportunities to unlock a competitive advantage in the emerging new reality. The information technology strategy is core to each business and has to be refreshed with data interpretation, machine learning, AI and digital solutions leveraged to improve productivity and to distinguish the company as being agile, able to respond quickly, and at the cutting edge of technology. Assurance must adopt a more agile, risk-based, as well as technology and data driven approach, serving as trusted partners to the business, enabling the organisation to quickly anticipate and respond to existing and emerging risks.

Execution of the Covid-19 Business Response Framework is only as good as the weakest link in the chain, whether it is adapting the business model, digitalising the offering or optimising the supply chain.  Most organisations have been able to weather the first weeks of the crisis by throwing their key resources at the challenges with abandon. Going forward, the organisation’s response framework must be sustainable, pragmatic and mapped holistically, resulting in a winning programme for the business to flourish.


Third-Party Risk Management

Third-Party Risk Management in the Age of Big Data and Advanced Analytics


As organizations continue to grow their business operations with the introduction of new products, additional services, and expansion into new jurisdictions, compliance and legal officers are facing increasing pressures to manage risks from new and existing third-party relationships, some of which can be dangerously complex. This white paper discusses the risk presented by third parties, the components of an effective third-party risk management system, limitations of current third party systems, and finally, how platforms powered by advanced technology solutions such as big data analytics, artificial intelligence, natural language processing, and social network analyses can assist organizations by minimizing expensive outsourced due diligence, streamline data management and decision making and, in turn, achieve effective regulatory compliance.

Strategic Risk Partners

The expectations of governance, risk, and compliance (GRC) activities such as internal audit, risk management, and compliance, from both internal and external stakeholders, have never been greater. ‘Backward-looking’ audit reports, and ‘paper-driven’ risk-assessments and compliance programmes are not always helpful and effective in identifying what is on the horizon.

As the risk profile of businesses evolve to keep pace with various forms of disruption and radical technological change (artificial intelligence is already here), so too would the assurance need and GRC expectations of both the Board and management change. Although much of the work of internal GRC activities would continue to center on assessing and providing assurance on financial, operational, IT, and compliance risks and the internal controls, processes, and programmes in place to mitigate these risks, these activities would also be expected to help the business to anticipate and react quickly to emerging issues.

Big data, technology, and digital innovation will have a fundamental impact on shaping, enabling, and disrupting an organisation’s operations and strategy. Businesses should therefore take a close look at how they can position and leverage their GRC activities to help them identify, anticipate, and react quickly and effectively to the risks arising from these developments. This will require their GRC activities to become more agile, learn new skills, and adopt innovative tools to enhance their capabilities.

The business environment is increasingly fast-paced. Static, backward-looking, and paper-driven risk assessments, audits, and compliance programmes that fail to consider the future (as well as the present) quickly date, and therefore offer less value.

GRC activities should therefore be accepted by management and the Board as ‘strategic risk partners’ to the business, operating alongside and at the speed of the business, and not just as standalone oversight and assurance functions.