Interaction of ERM and Strategic Planning Articles

  • Using Collaboration Risk Management to Recognize Emerging Risks

    March 01, 2013

    PricewaterhouseCooper recently published a research paper on systemic risk trends. The authors of the paper shed light on the many issues related to the risk mitigation capabilities of businesses for minimizing the effect of systemic, or emerging, risk. As a result, they also found the similarities of strategies that successful companies use to thrive through major adverse events. The authors proffer that companies must integrate emerging risk management strategies into overall business strategies as well as considering collaborating with important partners to share risk information. The more companies anticipate and allocate resources to mitigating emerging risks, the better position they will be to capitalize on emerging upside risk.

  • Strengthening the Role of the Chief Risk Officer in an Organization

    February 13, 2013

    The role of chief risk officer (CRO) has been put under a microscope to understand methods and key success factors that can enhance the role. Organizations now, more than ever before, are appointing CROs to improve their risk function and better manage potential risks that could impede their strategy. To achieve that, the CRO must be placed in a position that is fundamental as well as instrumental in the decision-making and strategy-setting process. A recent Protiviti white paper provides six key critical success factors that organizations should be aware of and promote to ensure that their organization is in a better risk management position than in the past.

  • Making the Connection Between Strategy-setting and Risk

    December 21, 2012

    Organizations invest a great deal of effort in developing and executing their business strategies. Even so, winning business models are all-too-often subject to catastrophic failures in the blink of an eye. Didn’t these companies see trouble coming? The answer: probably not, but only because executive managers did not think hard enough about risk during the strategy-setting process. This white paper from Protiviti Inc. explores the concept of strategic risk and provides an approach for incorporating risk assessment into the process of strategy-setting. By combining these processes, managers will be better equipped to make decisions for their organizations now and in the unknown future.

  • Managing the Risk of Disruptive Innovation

    December 01, 2012

    Organizations often find themselves surprised by a competitor’s announcement of a new innovation. Such announcements can be hugely disruptive, and they hit the competitive environment in many forms, such as a new revolutionary business model, a completely new technology, or a new spin on an existing product or service. A December 2012 article in Harvard Business Review discusses the threat of disruptive innovation. A new product offering or a novel business model from a competitor is enough to upend any existing business and change the face of a particular market indefinitely. However, organizations can manage the risk of disruptive innovations by being proactive in regards to evaluating their own business models and those of competitors. In this HBR article, Wessel and Christensen present their approach for assessing and strategically managing the risk of disruption.

  • S&P’s Management and Governance Rating Criteria - 2012

    November 13, 2012

    NEW YORK (Standard & Poor's) Nov. 13, 2012--Standard & Poor's Ratings Services today published its criteria for evaluating enterprises' management and governance credit factors in an article titled "Methodology: Management And Governance Credit Factors For Corporate Entities And Insurers." (See also "How We Use Management And Governance Credit Factors," published today.)

  • Engaging Business Unit Leaders in Discussing Enterprise Risks

    October 02, 2012

    Paul Zavolta, Director of ERM at Alpha Natural Resources, provides an overview of how ERM is treated at Alpha Natural Resources. He speaks of how he feels the company’s top-down and bottom-up approach has been most effective in assessing all risks to the company, whether they be faced by people at the top or bottom of the organization. He also speaks to the day-long workshops that Alpha does to ensure that risk is talked about among all aspects of the business.

  • Getting Started with ERM

    October 02, 2012

    Often times executives brush off any ERM initiative by stating they have smart people on the board or on management teams. David Hughes, Assistant VP of ERM and Business Continuity Planning at Hospital Corporation of America (HCA) explains how boards and senior executive may miss the identification of certain strategic risks because they are not “on the ground” interacting with customers and business operations. He emphasizes the importance of obtaining input about risk exposures from multiple levels of management to ensure the identification of the entity’s most significant strategic risks. He also speaks about how important it is for CEOs to embrace an ERM process and see the value in taking time to look at risk through a strategic lens.

  • Managing Risks of the Mobile Enterprise

    October 01, 2012

    Mobile devices are becoming more and more integral in the workplace today, as they are used for field work, file-sharing, and business processes. With the widespread use of mobiles, and the delicate intertwined relationship of such devices with both personal and professional lives, substantial number of risks arise that need to be managed properly in order to reap the benefits of these devices. To help organizations think about risks associated with the use of mobile devices, the Security for Business Innovation Council (SBIC) has issued an in-depth analysis of consumer mobile devices in the enterprise along with various risks that arise with the evolving technology. Furthermore, the report also provides various recommendations to manage such risks effectively over time. The following provides a summary of the report.

  • Minimizing Risks through Creative Strategy Setting

    September 01, 2012

    Strategic planners often go through a rigorous process of extensive analysis of past performance and forecasts to come up with a robust strategic plan. They attempt to check their biases, preconceived notions, and judgments during this process. However, the reality of the outcome of its execution of strategy provides little comfort on the efficiency of the strategic planning process and in identifying the risks associated with that strategy. This article from the Harvard Business Review recommends a “truly scientific” approach to strategic planning by providing seven key steps for leaders to consider while designing strategies so that they may be in a better position to address risks proactively as the strategy is built rather than after the strategy’s execution. In this way, organizations are better positioned to identify risks before they emerge, thereby enhancing the likelihood of strategic success through more effective risk oversight.

  • Risk Appetite: A Conversation of Governance

    June 01, 2012

    Managers often view risk appetite as a highly theoretical concept: one that is determined instead of discussed, irrelevant instead of practical, or static instead of adaptive. This paradigm is due to the notion that risk appetite reflects a short term risk philosophy of the company, and the frequency of which risk appetite is viewed as being congruent with risk tolerance. The authors of this Protiviti white paper discuss the importance of developing and maintaining a risk appetite statement as well as using it to spur conversation between management and the board of directors in the governance process.

  • Super Bowl Embraced ERM

    June 01, 2012

    Imagine being responsible for managing risks related to the NFL Super Bowl. With the millions of viewers drawn to this event each year, one shudders to think about an event occurring that shuts down the game or postpones it for a period of time. For the 2012 game, the Host Committee decided to embrace enterprise risk management (ERM) principles to help coordinate all the silos of responsibilities being assumed by the staff and the thousands of volunteers involved. A number of lessons can be drawn from this experience.

  • Preparing for a Corporate Crisis Before Significant Risks Materialize

    June 01, 2012

    A recent article from Practical Law The Journal offers boards guidance on preparing and responding to a corporate crisis. A lack of proper planning can make both managing crisis situations more difficult and possibly lead to more damage. The article discusses five steps the board and management can adopt to better prepare for a crisis once a significant risk materializes. A strong board culture is also highlighted as an important factor in responding to a crisis. Strategies are offered for promoting an effective board culture.

  • Sustainability:  Considerations that Can’t be Ignored from a Strategic Perspective

    May 17, 2012

    The topic of sustainability means a host of things to people. Many view it from a “going green” or “social responsibility” perspective. While there is value in considering sustainability related to those types of initiatives, boards and C-suites are finding greater strategic benefit in positioning their considerations of sustainability from a risk and opportunities perspective. They are trying to view sustainability from a lens that forces them to think how sustainability issues might affect the long-term viability of the entity’s business model. That is, they are seeking to integrate their sustainability thinking with their strategic planning and execution efforts. A recent MIT Sloan Management Review Research Report highlights emerging trends of how sustainability considerations are reaching a tipping point.

  • Lack of Senior Manager Support Impairs Risk Management

    May 01, 2012

    Here’s a new twist to “risk management”: one of the most damaging risks an organization may face is “management” itself. A recent article in Disaster Recovery Journal highlights the realities of how management’s attitude and embrace of risk management approaches can undermine the organization’s effectiveness at managing key risk events. Although many executives understand that risk management benefits everyone, not all share this view. The article outlines three categories of management that have a negative effect on an enterprise’s risk management strategies: management that ignores reasoned words, management that works against others’ efforts and management that is nonexistent in the execution of a plan.

  • How to Manage Risks Associated with Organic Growth Strategies

    May 01, 2012

    A sound approach to organic growth enables an organization to sustain itself through the toughest circumstances in the business environment. The authors of this Harvard Business Review article believe that organic growth strategy is most effectively driven by top-level executives; however, the authors also demonstrate that executive leaders commonly neglect their important role in organic growth, exposing their organizations to several areas of risk. This article discusses four specific risk areas created by a lack of executive leadership over organic growth efforts. The article then provides corresponding rules that executives can follow to overcome these risks and drive organic growth within their organizations.

  • Risks Associated with Product Development

    May 01, 2012

    With over 50 years of experience in advising companies on product development efforts, the authors of this Harvard Business Review article present six flawed assumptions that bring rise to risks associated with product development. Product development managers often follow conventional assumptions to execute their projects effectively and efficiently based on the belief that these lead to the most productive approach. But often, risks associated with product development rise due to fallacies in these assumptions causing major delays, glacial progress, and costly failures.

  • Competitive Intelligence: Managing Industry Dissonance Risk and Enhancing Foresight Capabilities

    March 01, 2012

    As the hyper-competitive nature of the business environment continues to persist, companies find themselves experiencing more and more strategic surprises generated across the competitive landscape. A recent Protiviti thought paper argues for the need to strengthen an organization’s competitive (versus competitor) intelligence to enhance management’s ability to identify and assess risks associated with the competitive landscape. Competitive intelligence, contains multiple elements and considers any factor that may hinder or enhance the progression of a company’s ability to compete. The paper suggests that organizations can no longer monitor, assess, communicate, and act upon competitor intelligence alone. Alternatively, managers should consider all external factors that have the potential to impact their ability to compete.

  • How the NC State ERM Initiative Views ERM vs. Traditional Risk Management

    January 10, 2012

    If a business has its doors open, then it is managing risk in some way. However, that does not mean the organization has an enterprise-wide, holistic, and strategic approach to risk management. Unfortunately, for many organizations, risk management is done through a silo or stove-pipe approach where certain types of risks are managed in silos with little consideration of how risks might interact or impact other areas (silos) of the business. Dr. Mark Beasley, Deloitte Professor of ERM and Director of NC State’s ERM Initiative, describes the vision of the Enterprise Risk Management Initiative at NC State University, explains how enterprise risk management leverages work done in a silo or stove pipe approach to bring together risks from all across an enterprise so that boards and senior management have a better view of potential emerging risks most likely to impact the strategy of the organization.

  • Managing Reputational Risk

    January 01, 2012

    Negative events that damage an entity’s reputation can be extremely difficult and costly to overcome. Generally, once an organization’s reputation is scarred, it remains that way for life.Deloitte issued a thought paper to help organizational leaders think about and manage risks that might impact the entity’s reputation. While challenging to manage, there are steps organizations can take to keep their pulse on events that might trigger a negative reputational image.

  • The ERM Process at Xerium Technologies Part 1

    November 01, 2011

    Bonnie Hancock speaks with Fred Caloggero, VP of Audit Services at Xerium Technology, about the ERM process that he helps lead at the company. Many companies look at risk on a two scale plane, considering likelihood and impact; however, Xerium adds in the aspect of velocity – the speed of which a risk can be onset at a company. By looking at things like Key Performance Indicators and Key Risk Indicators, a company can be more aware of the velocities of various risks.

  • Corporate Crisis:  What are the Similarities and What Can We Learn?

    September 01, 2011

    Cass Business School at City University - London researched some of the largest corporate crises of the last decade. While each company faced very different issues, the researchers found common key risks underlying each of the cases reviewed. The study also reached two main conclusions, which highlight the importance of enterprise risk management in the dynamic business environment.

  • Competitive Advantage in a Risk Environment: Four Capabilities to Gain Adaptability

    July 01, 2011

    In a business environment that is always changing and full of uncertainties, conventional methods of strategy may no longer be appropriate. Instead, managers are finding that sustainable competitive advantage occurs by being more agile through rapid adaptation. This article proposes four organizational capabilities that support a competitive advantage from the ability to adapt quickly, as well as the implications of this strategy for large, already established businesses.

  • Increasing Risk Awareness for Mission Critical Objectives of Not-for-Profit Organizations

    April 26, 2011

    Even though risk management is in the spotlight among for-profit organizations, effective risk oversight is needed for not-for-profit organizations, too. A whitepaper published by the AICPA highlights the relevance of risk oversight and importance of developing an enterprise view of risks in not-for-profit organizations.

  • Keeping Track of “Near Misses”

    April 01, 2011

    Organizations often find themselves praising the narrow escape of a potentially massively harmful event. An article in The Harvard Business Review describes how your organization can benefit from not simply marking these narrow escapes up to good luck but instead using the circumstances involved to prevent you from being put in the same situation some point in the future. The article highlights seven key strategies your organization can use to keep track of the near misses and use that information to capitalize on preventing major harm from occurring at your organization.

  • Increasing Complexity Creates Challenges for Risk Management

    January 03, 2011

    Managing complexity is quickly becoming one of the greatest challenges for large organizations today. A whitepaper published by KPMG presents findings related to a study of the causes and impact of complexity affecting large companies. The pace of change and global interconnections in business have resulted in increasing complexity, creating significant risk management challenges for companies. Increased risks to manage emerged as one of the greatest challenges created by complexity, according to the study.

  • Enterprise Risk Management in Higher Education

    January 03, 2011

    A recent Association of Governing Boards of Universities and Colleges and United Educators survey raises concerns that higher education is lagging behind other industries in considering risks as part of the strategic planning process. Since the release of the 2009 survey, the challenges that colleges and universities now face have only increased as financial resources tied to endowments, and federal, state, or local funding have shrunk. Unfortunately, with the challenge of managing these very real financial pressures takes the attention of most university leaders, the reality that new strategies being deployed are leading to new and different types of risks never seen before in the university setting may be going unnoticed. A recent Grant Thornton thought paper notes that now, more than ever, institutions of higher learning need to strengthen their enterprise-wide risk oversight as they enter new and different strategic territories.

  • Climate Change and Sustainability Risks

    December 30, 2010

    Shifting consumer expectations, greater information access, and enhanced media attention are some of the reasons for growing attention on issues related to climate change and sustainability. With this increasing focus, more organizations are realizing the need to better understand both risks and opportunities for their organizations related to climate change and sustainability. Some are identifying unique business opportunities related to products and services from a sustainability perspective. More are realizing the importance of their evaluating the nature of risks that may arise as expectations and regulations related to climate change and sustainability continue to emerge. A recent thought paper from Ernst & Young analyzes how issues related to climate change and sustainability may affect the organization’s overall risk profile including risks related to five core areas: strategic, compliance, financial, reputational, and operational risks.

  • Case Study Illustrations of Launching ERM

    December 21, 2010

    The AICPA’s Business, Industry & Government Team commissioned faculty in the ERM Initiative to develop case study illustrations of how organizations have successfully launched ERM. Case Studies on ERM Implementations: Practical Illustrations for Launching Effective Enterprise Risk Oversight takes readers directly into the experience of a company as it is starting ERM and details each step of initiating and implementing enterprise-wide risk oversight. The central case study highlights several practical illustrations for jump-starting ERM. The guide also includes two shorter case studies to further enhance your understanding of ERM implementation.

  • Avoid Being Blindsided by Risks: Focus on Key Assumptions

    December 01, 2010

    Strategic risks and opportunities are constantly changing in the business environment, especially in the current volatile economic climate. The roller coaster of uncertainty often results in organizational leaders being blindsided by unexpected emerging risks that they did not consider in strategic planning. Sometimes that surprise is a result of management’s incomplete understanding of key assumptions underlying their strategic risks and opportunities. This Deloitte thought paper discusses some common reasons for this blind spot and presents a risk intelligent strategy to address this issue.

  • A Four-Step Risk Approach to Strategy Execution

    December 01, 2010

    Organizations are seeing the value of adopting a risk-based approach to execute strategies in order to survive in a post-recession world. This approach enables managers to focus on opportunities in strategic plans, as well as minimizing the potential impact of threats. A recent article in the Journal of Business Strategy outlines four steps to execute a strategy using a risk-based approach.

  • Protecting Your Reputation in Today’s Social Media World

    December 01, 2010

    A recent article in The Harvard Business Review addresses the importance of protecting corporate reputation in the new age of social media outlets. The article highlights key areas that organizations should focus on when they may come under the attack of a potentially damaging event in the light of the media. Strategies to help an organization avoid any form of harmful media are also covered in the article.

  • Intensifying Dialogue on Risk and Strategy: A Banking Perspective

    November 15, 2010

    Technologies, products, and institutions are constantly becoming more complex, which ultimately increases the risks that organizations face. During recent economic crisis, the banking industry has experienced this first-hand. This white paper provides an analysis of how banks are improving their risk governance through enhanced dialogue of risk and strategy between the Board of Directors and management. Though this white paper contains a research study conducted on the banking industry, it is still applicable to other types of organizations.

  • ERM Roundtable Summit Panel Discussion – The Value Proposition of ERM: Strategic or Compliance

    October 01, 2010

    The ERM Initiative at NC State University hosted a half-day ERM Roundtable Summit on October 1, 2010 in Raleigh, NC. Following the keynote speaker who provided an overview of ERM at Target Corporation (see separate summary), a panel of chief risk officers and ERM related experts discussed the topic: “The Value Proposition of ERM: Strategic or Compliance.” The panel featured four individuals with real-world experience and leadership involving ERM efforts at their organizations. Several themes emerged from the panel’s discussion that are summarized in the following abstract.

  • ERM Roundtable Summit- Enterprise Risk Management at Target

    October 01, 2010

    At the October 1st, 2010 ERM Roundtable Summit hosted by the ERM Initiative at NC State, Tony Heredia, Vice President of Corporate Risk and Responsibility for Target, Inc., provided an overview of ERM at Target, Inc. leading up to the fall of 2010. As a leading U.S. based retailer and ownership of the largest retailer credit card portfolio, Target, like its competitors, faces a variety of diverse risks on a daily basis.

  • Incorporating Risk Management into Corporate Governance

    September 23, 2010

    In response to significant changes in corporate governance due to the events in the financial markets in the first decade of the 21st century, the New York Stock Exchange (NYSE) created the Commission on Corporate Governance to conduct a comprehensive review of corporate governance principles. The NYSE developed a white-paper that explores the commission’s research findings and recommendations for organizations. Several aspects relate to effective risk management.

  • Global Emerging Risks Survey

    August 02, 2010

    The Oliver Wyman Corporate Risk consulting practice conducted a global survey to assess the importance of emerging risks and how risk management teams are handling these potential risk events at major organizations worldwide. The report summarizing the survey results includes insights into where companies are moving with their risk management teams and how they are evolving during the financial crisis. Potential areas of concern are also covered in the survey.

  • Aligning Risk Appetite and Risk Exposure

    June 28, 2010

    The devastating effects of the global credit crisis can be linked to the failure of organizations to embed risk management within the foundation of strategic and operational processes. Now, increased pressures from all around call for an integrated and aligned approach to risk management. This white-paper explores how organizations can effectively align performance and risk management processes to not only reduce risk but also embrace opportunities.

  • Organizations are Currently Focusing on Strategy and Growth, While Audit Committees Focus on Risks

    May 03, 2010

    As the road to economic recovery lies ahead for organizations, boards and audit committees are focusing on their organizations’ strategies to achieve growth. However, audit committees are also evaluating the risks created by these new strategies to ensure these risks are managed in order for their strategies to be successful. This KPMG white-paper highlights key issues for boards and audit committees to consider as they strategically lead their organizations through the uncertain future.

  • Managing Risks with Sustainable Practices

    March 01, 2010

    On March 11, 2010, the Coalition for Environmentally Responsible Economics (Ceres) issued its report The 21st Century Corporation: The Ceres Roadmap for Sustainability. Ceres hopes to target boards of directors of corporations with this report, encouraging them to take advantage of sustainability opportunities with relation to managing risks. The report contains twenty key expectations related to governance, stakeholder engagement, disclosure and performance. Through focusing on setting new standards and expectations for business leadership, Ceres hopes to guide companies on their journey to comprehensive sustainability.

  • Finding Your Strategy in the New Landscape

    March 01, 2010

    The economic crash of 2008 had profound international effects and prompted a dramatic reduction in foreign investments in 2009. However, China and India still hold large portions of global GDP growth and have the potential to provide opportunities in big, emerging markets in the future. In this article, the author focuses on the belief that the economic crisis should not inhibit global strategies and gives suggestions on how to navigate this new international area.

  • Global Risks

    February 01, 2010

    After the shock to the global financial system in 2008, global risks were brought to the forefront of risk discussions. Surprisingly, the risk landscape has not changed much. What has changed is the level of realization that global risks are tightly linked and that vulnerability is truly global. This report outlines some of the top issues that are most likely to come to the forefront of the global risk landscape and is intended to improve global understanding and cooperation in meeting these future risk challenges.

  • Integrating Risks and Strategies to Foster Stakeholder Value Growth

    October 01, 2009

    Every strategy that an organization undertakes in order to grow stakeholder value has risks and opportunities associated with it. There can be opportunity encompassed in a strategic plan that will increase stakeholder value, but the pursuit for this opportunity also brings risks that may decrease stakeholder value. Unfortunately, most organizations today do not integrate these two aspects into their strategic planning process. This white paper outlines tools that will help boards maximize stakeholder value by incorporating opportunities and risks into the strategic planning process.

  • Risk Preparedness

    June 01, 2009

    Risk intelligence is a risk management philosophy focusing on the use of both risk avoidance and risk-taking to create value. While this article deals with risk intelligence, it focuses on the risk avoidance aspects as it discusses prudently preparing for the occurrence of negative events. By adequately planning for business disruption events, companies can become more resilient and recover from events more quickly, therefore gaining a competitive advantage in the marketplace.

  • Balancing Enterprise Risk Management and Enterprise Performance Management

    June 01, 2009

    Poorly planned and executed risk management capabilities contributed to the collapse, and they are likewise impeding the recovery as companies have shifted from taking too many risks to taking too few. Companies that are able to effectively balance enterprise risk management and enterprise performance management will have more robust risk management capabilities and be poised to make better decisions and drive improved company performance.

  • Reputation Management

    May 31, 2009

    Reputation management is critical to organizations and it continues to grow more complicated. Companies in the past could earn reputations as good corporate citizens by making philanthropic contributions without significant alignment with a business strategy. However, nonstop access to information, a lack of trust in business, and an increasingly broad base of stakeholders have increased the importance of reputation management to companies as well as changed the ways in which companies need to act to successfully manage their reputations.

  • Getting Risk Appetite Right

    May 01, 2009

    While the concept of a risk appetite framework is sound and can provide many benefits to organizations, many of these frameworks failed during the current crisis due to design and application problems. Organizations can learn from several key failings in risk appetite frameworks that were highlighted by the crisis. Though this article looks at risk appetite from the perspective of banks, the suggestions are applicable to many types of organizations seeking to improve their risk appetite framework.

  • Reputation Risk Management

    March 01, 2009

    A 2008 survey investigated the status of reputation risk management at different companies and found that companies are aware of reputation risks but may not be sufficiently managing these risks. There are several methods for managing reputation risks, including engaging with stakeholders, monitoring the content and volume of media coverage of the company, monitoring performance against external ratings or benchmarks, and crisis management. Ultimately, for reputation risk management to be successful, it should be integrated into broader risk management frameworks and reputation risk factors should become a key aspect of business decision making.

  • Internal Auditors Partnership with Management

    February 01, 2009

    Internal auditors in the past have been used to examine how well management is performing and how well the company is operating. Now there is a need for internal auditors to work in conjunction with management to oversee risks. CHAN Healthcare Auditors realized this change in internal audit and has developed an audit process and tool that allows for a more effective approach to risk management. Even though the approach is mainly geared towards the healthcare industry, it can be used in numerous industries to determine companywide and departmental vulnerabilities.

  • Companies Succeed During Downturn with ERM

    January 01, 2009

    In the four-part series “Managing in a Downturn” produced by The Financial Times, Russell Walker comments on the place for enterprise risk management in the current economic environment. Walker uses JPMorgan, Berkshire Hathaway, Honda and Toyota to show how enterprise risk management (ERM) as part of an overall business strategy can help prepare a firm for unexpected events like the credit crisis.

  • The Convergence of Enterprise Performance Management and Risk Management

    December 31, 2008

    Organizations can increase their probability of achieving strategic objectives by taking an integrated approach to deploying strategy and managing associated risks. The Performance/Risk Integration Management Model (PRIM2) provides a framework for organizations to consistently communicate and deploy strategies, proactively identify and manage inherent risks in the strategy, and ensure integration of strategic plans, risk management, and performance management in strategy execution. PRIM2 also provides real-time transparency into an organization’s operations, facilitating continuous alignment of strategy, risk management capabilities, and performance management. While the details of a PRIM2 infrastructure will vary across organizations, there are several core elements that should be incorporated in any PRIM2 framework. Implementation of a PRIM2 framework is intended to establish and maintain a balance between the enhancement and protection of an organization’s shareholder value.

  • Strategic Business Risk – Top 10 Risks in Business for 2008

    December 31, 2008

    Ernst & Young conducted a survey of industry analysts in order to identify the top 10 strategic business risks for 2008. It became clear that there is significant variation in risks between sectors of the economy. Nevertheless, the risks that were rated as having the greatest impact across the largest number of sectors were identified and ranked.

  • Board Oversight of Risk Management and Executive Compensation

    December 01, 2008

    Boards of directors have fiduciary responsibilities to shareholders and there are several “pressure points” they can address to ensure fulfillment of these duties. One pressure point for boards is risk oversight and boards should consider reassessing their existing risk management programs to ensure a top-down, enterprise-wide approach is being taken that helps achieve the long-term goals of the company. Another pressure point is executive compensation and boards can take several steps to strengthen the link among pay, performance, and accountability to better reflect the risk culture of the organization.

  • Understanding and Articulating Risk Appetite

    December 01, 2008

    Risk appetite, when properly understood and articulated, can be a powerful tool for managing risk and enhancing overall business performance by better aligning decision-making and risk. Many organizations have a need for increased clarity regarding their risk appetite and this article provides insights on formulating and defining risk appetites.

  • Enterprise Innovation and Integration

    November 01, 2008

    Innovation and integration are important contributors to growth in an organization. In order to foster these activities within the organization, the article recommends developing two agencies: a distributed innovation group (DIG) and an enterprise integration group (EIG). The DIG promotes innovation by looking for promising ideas within and outside of the organization and funding and incubating those ideas. The EIG helps institute horizontal processes across silos to improve an organization’s performance. The IT function within an organization is often central to both groups, providing many of the requisite skills that enable these groups to succeed. While this article is not explicitly addressing enterprise risk management, the focus on integration of silos is relevant to ERM implementations.

  • Diversity of Risk Management in Europe

    October 30, 2008

    This report details the key findings in the fourth biennial benchmarking survey conducted by the Federation of European Risk Management Association (FERMA) in collaboration with AXA Corporate Solutions and Ernst & Young. The report reveals how risk management has become more important in European companies and the wide diversity of how companies approach risk management.

  • C-suite Influence on Excellence in Risk Management

    October 01, 2008

    This abstract summarizes the 2008 Excellence in Risk Management Survey conducted by the Risk and Insurance Management Society (RIMS) and Marsh. This is the fifth year that they have conducted an Excellence in Risk Management Survey. They find that senior management’s attention has shifted to the value of a strategic, broad approach to risk management in the wake of the current financial crisis. The survey cites disconnect within a company between risk managers and C-suite executives. It also explores organizations’ objectives in implementing and maintaining an ERM system. These objectives include internal and external expectations for the ERM system, which risks to consider, who is responsible, and the impact on the company. While the desire for a strategic risk management process seems to have leveled-off, businesses who have undertaken ERM implementation continue strong development and have continued support from the senior level.

  • The Changing Role of the Finance Organization

    September 30, 2008

    Today’s focus on the rapid embrace of globalization initiatives has substantially increased the complexity and pace of change that risk executives face. Dealing with the volume and complexities of these uncertainties is becoming one of the most pressing strategic concerns. Responsibilities for addressing these challenges often reside with the finance organization within an enterprise, often led by the chief risk officer (CFOs). This study not only summarizes insights about the challenges CFOs face, but it also highlights best practices of finance organizations in high-performance organizations. It notes that the finance organization in most global companies is not sufficiently integrated into the businesses to promote strategy development or value creation and very few are very satisfied with the performance of the finance organization in the management of financial and non-financial risks. Masterful finance organizations identified by the study excelled in creating a shared services structure, a strategic approach to outsourcing and talent management, and the implementation of enterprise resource planning systems

  • Managing Risks for Comparative Advantage: Five Steps to Better Risk Management

    September 01, 2008

    This articles highlights a five-step process to help companies make changes to better their approach to risk management in response to the developments occurring in the corporate approach to risk management: 1. Identify and understand your major risks; 2. Decide which risks are natural; 3. Determine your capacity and appetite for risk; 4. Embed risk in all decisions and processes; and 5. Align governance and organization around risk.

  • Does ERM Matter?: Enterprise Risk Management in the Insurance Industry

    June 01, 2008

    The recent upheaval in the banking industry, which is heavily regulated and an early adopter of enterprise risk management (ERM) strategies, has caused other businesses to question the efficacy of an ERM program. A recent study by PricewaterhouseCoopers, LLP makes it apparent that ERM is not fully embedded in many businesses. Failing to consider risk in business decisions makes it unlikely that businesses will achieve their ERM objectives, and increases the difficulty of realizing strategic objectives.

  • When Strategy and ERM Meet

    January 01, 2008

    This article describes the intersection of strategic business plans and enterprise risk management (ERM). Recent events concerning collateralized debt obligations (CDOs) and subprime mortgages revealed that some institutions were tempted by the higher yields without managing the higher risks. This article contains three approaches to connect a company’s strategy to its risk management efforts. The three approaches for effective strategic risk management are: (1) a strategic risk management process, (2) a process to identify and protect assets at risk, and (3) strategic risk monitoring and performance measurement.