Strategies for Transforming Enterprise Risk Management into a Collaborative Endeavor
In the rapidly changing business landscape, the importance of Enterprise Risk Management (ERM) cannot be overstated. The National Association of Corporate Directors Global Board Leaders' Summit has offered advice for integrating ERM into the corporate DNA, and the Committee of Sponsoring Organizations of the Treadway Commission (COSO) has provided a framework for implementing ERM as a team sport.
Organizations are graded on a level of 1 to 10 for their involvement with ERM, with level 1 indicating complete apathy and a preference to ignore. If an organization finds itself between 1 and 3, the first step is to start the process of integrating ERM. Passionate advocates suggest that finding the million-dollar blind spot may save the company or jobs.
For organizations between a 4 and 6, it is recommended to move toward a common-sense orientation to risk management processes to add value and move further away from the Sarbox Hell of the prior phase. If the organization is between a 7 and 9 (Going for Great), consider how to further improve and receive more value from balancing risk and reward.
Top suggestions for a first place win (if the organization is a 10) include involving an independent third party for objective feedback, determining if moving to a 10 is necessary, and analyzing potential threats from an outsider. To maintain outstanding status, consider completing the move to a dedicated resource group, taking ERM to a higher level by analyzing potential threats, and investing in compliance software and a competent team to manage it.
One of the top suggestions for moving up is aligning compensation with risk strategy and its execution. The company's floundering can occur when the Board is not fully 'on board' with ERM. To ensure everyone is on the same page, it's crucial to coordinate a strategy review, with benchmarks, on how to get to conference-winning team sport status.
Maximizing the collective wisdom of the team through group brainstorming and scenario planning can help uncover overwhelmed issues, unfamiliar risks, and political risks not pointed out by C-Suite sheriffs. The wisdom of organizational peers can be a valuable resource for finding underlying strategic operational issues without spending political capital.
The lack of ERM integration into the corporate DNA can lead to significant problems. If ERM is not properly integrated, an 800-pound gorilla could grow out of a 175-pound gorilla, or 800 dead rats could be the result. Strategic planning, safety, procurement, business continuity, and internal audit are logical starting places for expanding ERM infrastructure.
Once the distinction between 'what exists' and 'what is needed' is made clear, areas requiring some extra bench strength and/or where to outsource to obtain limited access to specific skill sets become clear. The top three suggestions for moving forward are: obtain the CEO's buy-in for ERM, create an agenda to address the organization's top major risks, and hire an IT Director to search for and resolve seemingly invisible system risks.
In conclusion, give careful consideration to these proven 12 suggestions and apply those that make the most sense at this point in your organization's life cycle. After all, taking any of these actions will help make ERM more of a team sport and increase your chances of success.
Read also:
- Experiencing Life's Variety Firsthand: Gaining Insights from Life's Broad Spectrum of Experiences
- Budget Alterations Made to 2023 Toyota GR Corolla After 4,500 Miles, with a Cost of $38 for Smoothing Out the Rough 1-2 Shift
- Steady Expansion Projected for Artificial Intelligence in Escalator Maintenance, with a Forecasted Growth Rate of 40.2%
- Generous Gift of AED 33 Million Saves Lives: A 14-year-old Boy, Along With 59 Others, Receives a Second Chance
