Every child and vulnerable adult should be as well-protected from sexual abuse and misconduct (SAM) as possible, yet SAM is increasing.  The costs of SAM – reputation, disruption, and financial – are also rising.

Current SAM prevention is based on compliance, where most compliance frameworks are based on four core controls: criminal background checks, SAM-related training, limiting one-to-one interactions, and mandatory reporting of suspicions of SAM.  These controls were a reasonable response to the abuse crisis when it first emerged twenty years ago, and they still contribute to child safety today.   

But it is no coincidence that SAM risk – the combination of the frequency and costs of SAM – is rising, that SAM risk is almost exclusively managed with nothing more than compliance tools, and that the compliance approach hasn’t changed in twenty years.  Any management system must adapt and constantly improve to remain effective, and though SAM risk has changed beyond recognition in twenty years, SAM risk management has hardly changed.

One consequence is that children are not as safe as they should or could be.  Another is that SAM risk now far exceeds the risk-bearing capacity of almost all the people and organizations who cannot avoid SAM risk because of what they do.  The significant and growing gap between SAM risk and how it is managed is the main reason SAM insurance capacity has become inadequate, is diminishing, and its cost is rising. 

We can do better.

Though SAM risk management hasn’t changed in twenty years, risk management best practices have become much more effective.  Compared to organizations managing risk with compliance, organizations using risk management best practices have fewer negative events, their negative events are less damaging, they are more trusted, they are more highly valued, and they meet their objectives more often.

Compliance is necessary because it ensures minimum standards, but minimum standards are far from best practices.  To keep children as safe as possible, and for ethical reasons, every organization should supplement compliance with best practices wherever possible.  Compliance also needs supplementing to protect the people and organizations trying to protect children.  Focused on protecting children, compliance offers no protection to people and organizations for any SAM costs.  With rising SAM risk and the inherent limitations of insurance, this is unsustainable even if insurance availability were not falling. 

BOKRIM has developed BOK (for Body of Knowledge) Risk Management^© – or BRM for short.  BRM is based on the principle that knowledge (data, analysis, expertise, experience, and know-how) is the core resource of risk management because the more you know about a risk, the less risk you have, and the more you know about how to manage the risk, the better you can manage and further reduce it.

In practical terms, data and analysis identify and improve risk management best practices; nurturing expertise, experience, and know-how ensures every organization can use them.

BRM has been designed to achieve two objectives.  BRM:

1. enables any organization to manage SAM risk (reduce the likelihood of SAM and mitigate all its costs) like experts, even if they have no previous risk management experience or existing risk management resources; and
2. measures SAM risk and continuously analyses SAM risk management performance, so SAM risk management best practices are constantly improving.

Please get in touch if you would like to talk about BRM or SAM risk management.