Governance:
The Enterprise Risk Manager’s Line Manager
Any
risk that is imaginable in the business world, strategic, financial, cyber
security threats and many more including an ever changing and an equally challenging regulatory
environment; not forgetting the domestic, regional and global competition etc. prowl
(for the lack of a better term) today’s unpredictable and extremely competitive
commerce.
In
times like this, it’s important to take a holistic view of business practices,
processes and workplace ethics amongst everything else to ensure that adequate
control mechanisms are in place to keep the business entity afloat while
focusing not only on the risks that can threaten value, but also the risks that
an enterprise can take to create value.
What
Is Risk Management?
Risk
management ensures that an organization identifies and understands the risks to
which it is exposed. Risk management also assures that the organization has
done enough in creating and implementing an effective risk management plan to
prevent losses or at the least reduce the impact(s) if a loss occurs.
A risk
management plan includes strategies and techniques for recognizing and
confronting these threats. Good risk management doesn’t have to be expensive or
time consuming; it may be as uncomplicated as answering these three questions:
- What can go wrong?
- What will we do to prevent the occurring and in response to the loss?
- If something happens, how do we pay for it?
What
is ERM
Enterprise
risk management (ERM) predominantly is a dynamic proactive approach in business
to manage risks and seize opportunities related to the achievement of their
objectives, this definitely includes constantly monitoring all business
functions, the process and how they are carried out. ERM provides a framework
for risk management, which typically involves identifying particular events or
circumstances relevant to the organization's objectives (risks and
opportunities), assessing them in terms of likelihood and magnitude of impact,
determining a response strategy, and monitoring progress of that one individual
event, circumstance and activity or on an overall operations perspective. By
identifying and proactively addressing risks and opportunities, business
enterprises protect and create value for their stakeholders, including owners,
employees, customers, regulators, and society overall. (ERM)
ERM
can also be described as a risk-based approach to managing an enterprise,
integrating concepts of internal control, the Sarbanes–Oxley Act, and strategic
planning.
Enterprise
risk management calls for organizations to identify all the risks they face, to
decide which risks managing actively or addressing on a priority basis. By
priority it does not just mean giving preference for its ability to reoccur
frequently but also its impact even if it was a onetime thing only, and then to
make that plan of action available to all.
In
putting together ERM initiatives, companies are supposed to focus not only on
the downside of risk but the upside as well. The conventional approach was to
focus on the downside - the losses that might be caused by a disruption in the
normal course of business, e.g. a break in the supply chain or cyber attack
that impairs a company's records. Likewise, working on the upside of this is
when the companies are supposed to consider viable opportunities and future rewards
that might arise out of efficient management of risk. Some of these involve matters
of strategy like where to locate a plant or office abroad based on a risk analysis
that would look at the political environment in a country.
Benefits
of ERM
Enterprise
Risk Management, pretty much like a snake wrapping itself around its prey wraps
itself around the organizations nutty gritty but in a positive way to ensure
all medium to large scale issues are addressed while the smaller ones are
tackled to ensure there are no losses due to negligence of the people made
responsible for the same.
In a
nutshell, they can be bulleted into what appears below:
Increased
consistency and communication of risks within the organization
- Enhanced reporting and analysis of corporate risks (risk data)
- Improved focus, attention and perspective to risk data
- More efficient and effective activities related to regulatory, compliance and audit matters
- More cost-effective management and monitoring of risks
Risk assessment can save plenty of money. Some entrepreneurs think why to invest some amount on risk assessment. But according to recent survey report, companies which had not done risk assessments for the project they undertook end up with heavy loss. The reasons were accidents, sudden project completion deadlines which they could not meet etc.
ReplyDeleteThat is correct. Not investing in risk management by businesses is just as simple as having poor judgement at the top. Inadequate planning. No Strategic Vision.
DeleteAnything anywhere at any time can go wrong. It is wise to be prepared than wait for it to happen. Being Proactive rather than being reactive always has its benefits.
Same is the case here.