Feet on the Ground

Phil Corbeil and Janet Stein may both work in Calgary – one of the southern Alberta communities hit hard by severe flooding three summers ago – but each saw the devastation from decidedly different points of view.

From his downtown office, Corbeil, manager of risk management and claims for the City of Calgary, would have been able to see the damage out his window; Stein, director of risk management and insurance for the University of Calgary, mere kilometres away, could not see the accumulating loss, but certainly felt its impact.

Janet Stein and Phil Corbeil, RIMS Conference Canada co-chairs

“Phil is down there having to be as resilient as possible… trying to figure out a million things at once about people and buildings; I’m at the other end of this thing, saying, ‘Well, what are we going to do with a thousand people displaced,'” who need to be housed? Stein relays.

For the city, “not only did we have to worry about the damage to civic infrastructure, but it was our own personal offices. We were out of our municipal building for a couple of months. I couldn’t even access my insurance policy because our broker was also evacuated,” Corbeil says. The first office meeting, in fact, took place at “somebody’s kitchen table,” he says.

“You have to be able to move to the issue quickly,” Stein says of unfolding risks. Corbeil wholeheartedly concurs. “You have to be able to think on your feet, there’s no question.”

Despite the long hours, the stress and the need to readjust on the fly, Corbeil and Stein shared another common experience during the flooding. Both went home to areas untouched by loss, populated by those simply carrying on with daily life.

Though odd, there may be a lesson in responding by getting back to normal.

Synonymous with loss, the story of the southern Alberta floods is now being retold to include not just what was lost, but what was found: understanding of the importance of resilience.

It is a message that risk professionals – regardless of location, industry or loss history – are increasingly taking to heart and one that serves as the theme of the RIMS Canada Conference this September in Calgary.

The idea is for the conference to appeal to everyone from newer to very senior risk professionals, offering a wide spectrum of risk topics, Corbeil says. As well, Stein adds, resilience will likely be worked in from a number of perspectives, perhaps including topics like cyber, economic conditions, severe weather and personal issues.

“That whole resilience theme is about more than just a flood or more than just a fire. There are so many pieces to it,” including what can be done within both personal and business lives, says Corbeil, who is serving as conference chair (he was also involved in Calgary’s 1998 and 2006 conferences), along with Stein, who is working as special advisor.

Their involvement in RIMS has been long and fruitful, allowing each to meet many people and to make great contacts. Both Corbeil and Stein have served on the RIMS Canada Council and held positions within SARIMS (southern Alberta) chapter. Corbeil has served as SARIMS president; Stein has been a member of SARIMS and RIMS since 1996 and is currently on the RIMS board.

“I think resiliency is so much a part of risk management because we constantly have to change priorities, perspectives, how we think about things,” Stein says.

STAYING FOCUSED

The focus on resilience is partly by necessity, but there is also a somewhat hopeful element. Perhaps, this is because of increasing buy-in from stakeholders of all stripes and the enhanced role of risk professionals.

Historically, the risk manager’s role was to identify risks, mitigate risks and then “once we got it down to that residual piece, do we insure that risk?” says Corbeil, whose 27 years with the City of Calgary includes working as an adjuster, risk analyst and risk manager before his current post.

“I see changes now where the risk people are being asked more to raise risk,” he says. “You can’t just be the ‘no’ person in your corporation; they’ll stop coming to you for questions. So you really have to understand the risk a little bit better and know that there’s times when you actually have to assume some risk,” Corbeil reports.

Cyber risk is one topic now in the news. With some very high-profile and expensive losses on the books globally, Corbeil notes, the issue has been pushed to the forefront.

“It’s not just an IT guy saying, ‘You know, we don’t have the right firewalls.’ Now, you have chief security officers for companies, as you do chief risk officers, who are reporting directly to the upper echelon of the C-suite,” he relays. “Insurance products are just one way to transfer some of that risk, but far more people are looking at it and understand that it’s a big, big risk for them.”

It is key to consider not just the organization itself, but also suppliers and partners, Stein suggests. “The strings between us, everyone that uses our services and everybody’s services that we use, are many and complicated, and cyber is in all of them, because we all use it to communicate and pass information,” she says of the university.

She also sees as a risk on the radar screen changing technology, including self-driving cars and drones.

“There’s always something new out there being invented and we’re all trying to catch up with what that technology looks like,” says Stein, with the university since 1988 and with its Division of Risk Management, Safety & Security since its inception.

For “somebody who wants to stay at the forefront of identifying risk that affects their businesses,” she says, “you’ve got to be able to think outside that box and see the new stuff coming.”

CHANGING TIMES

Thinking outside the box is something that is becoming expected of risk professionals, who today have an opportunity to become more involved in the decision-making process of companies, organizations and institutions. With regard to cyber risk, for example, Corbeil emphasizes that risk professionals are not security experts; they need to work with the experts.

“We help with the identifying of that risk, we can help with the benchmarking, we can help with looking at worst-case scenarios, and working with the insurance industry for lessons learned that they’ve had from some previous events,” he says.

That approach can be applied whatever the risk may be, with risk professionals supporting, rather than driving, actions, says Stein.

With the higher profile for risk management, there is no shortage of phone calls for risk professionals being asked advice and opinions.

Fine with Stein.”I love being involved in the whole discussion of risk before something happens. It’s so much better to be at the leading end,” she says.

Stein reports that one of the university’s departments has started working on trying to identify and map out its own risk, something she sees as the pinnacle of success.

“If there are departments that have the ability to do it themselves, the better off we all are,” she emphasizes. “It is more work, but we’re hitting it at the front end, rather than at the back end.”

Overall, says Stein, things have changed a lot since she became involved in risk management more than 20 years ago. “I see the words, risk management, in all kinds of things that have nothing to do with the risk professional. I see that conversation going on at the board constantly. What are the risks? What are the top risks? What do we need to manage? How do we make sure that information floods through to us?”

Corbeil agrees. Before, risk professionals numbered one, two or three. “Now every

report that’s written has a risk component, identifying what those risks are and steps to mitigate it.”