Enterprise Risk Management
We believe that enterprise risk management (ERM) is an ongoing process, to actively ensure an organisation is continually
focused on optimising its strategic objectives. Or simply, the equivalent of a GPS system which provides real time feedback
or assurance the organisation is where it is supposed to be.
Does
your Board and CEO know:
- All of the risks which could impact on the achievement
of strategy?
- How much risk is being taken by each division or business segment?
- Who is managing these risks and how well they are being managed?
- The inherent risk
involved in joint venture proposals or major change initiatives?
- How well your competitors are
managing these risks, and whether there would be a competitive advantage in managing them better?
More often than not, answers to the above questions are based on subjective assessments or even random conversations.
It is rare to find metrics such as key risk indicators being produced, audited, and used as the evidence to support assertions
regarding the effectiveness of an organisation's risk management capability.
We have a range of
services to help you develop your risk management capability. Our services include:
Strategic
Risk Assessments
Completing strategic risk assessments with your Board to build consensus
on the strategic objectives of your organisation and assess the key risks which would prevent their achievement. This
sounds like a very simple process however it is not uncommon for us to unearth very serious disconnects between key stakeholders
either in terms of the strategic objectives or the risks themselves.
Our team is uniquely
positioned to ensure strategic risk assessments run smoothly. Our facilitators have facilitated over 1,000 risk assessment
workshops. We use our experience and knowledge of group dynamics to build high levels of consensus regarding the risks
and to build enthusiasm for the risk management process to prevent the exercise being no more than tick the box.
Divisional Risk Assessments
Completing divisional risk assessments
across all of your group. This normally involves:
- developing an industry specific risk
universe;
- engaging with all of the divisional management teams to build awareness on our approach
and their responsibilities;
- facilitating workshops across all of the divisions - usually within
a 3 month period;
- allocating risk ownership and developing key risk indicators and reporting
protocols;
- sourcing all of the risks to their risk drivers and developing mitigations;
- completing risk interdependency analysis to assess identify potential problems regarding negative feedback loops;
- creating risk profiles for each division;
- moderating on the divisional risks and designing
a risk escalation protocol which may include the creation of your risk policy or risk appetite;
- presenting
the results of the risk assessments to your Board.
No organisation is too big. We have
helped major European Groups based in the EU and the US. We are able to locally resource teams throughout
Europe and the US.
Integrated Assurance Models
For ERM to really work it needs to be championed by the CEO and independently challenged. We have worked with
many organisations to dovetail the work of Internal Audit and Compliance functions to work more closely together in order
to provide integrated assurance. Please see the link below.
We do not however, believe there
is a one size fits all solution and because of this we need to gain a detailed understanding of your culture, structure and
processes to develop an ERM approach and solution which will work for you.
If you like
what you read here we would very much like to talk with you.