Chain of Command, Business Continuity Planning, and Crisis Leadership in Corporates
What is the Chain of Command and how it worked in the Satyam and Infosys Crises’ We often hear the term Chain of Command mentioned in terms of how corporates need to have well defined rules for who becomes the decision maker when the CEO or the Chief Executive Officer is unable to or barred […]
Role of Public Administration in the Modern State
The critical role of public administration as defined by John Rohr (a leading scholar of the US Constitution and its relation to public administration and civil servants) is governing the society. The authors have also argued that a government can exist without a legislature, even without a judiciary but never without administration. The government will […]
The Tough Get Going When the Going Gets Tough: Leadership in the Face of Adversity
Leadership in the Face of Adversity The best leaders are those who can face adversity and turnaround their companies from times of trouble to positions of strength. Throughout history, the leaders who were feted and achieved fame are those who took charge during times of crisis and managed to actualize victory. Similarly, in recent decades, […]
Why Organizations need to Communicate Effectively During Crises
Many people think that corporate communication is all about glitzy press conferences in plush hotels and the hosting as well as the wining and dining of media personnel and associated stakeholders. However, there is more to corporate communications than coming up with glossy annual reports or pithy press releases. For instance, the real mettle of […]
Understanding Team – What is a Team?
Let us first go through a simple real life situation. John was working as a key accounts head with a leading advertising firm. He had four members reporting to him. Unfortunately he always under estimated his team members and fought with them constantly. He could never trust them and always thought they were incapable of […]
Enterprise risk management (ERM) is a buzzword that has been doing rounds in the risk management field for the past few years. It is often used by managers in a context that implies that it is wider in scope than the traditional risk management function.
However, the number of risk management professionals who do not clearly know and understand the differences between traditional risk management and enterprise risk management is astounding. It is for this reason that this article will enumerate the major differences between the two approaches.
Traditional risk management mostly deals with risks where the exposure can be transferred to other parties in the form of an insurance contract. In some cases, where insurance contracts are not available, derivatives and structured finance products are used in order to meet this objective. However, enterprise risk management (ERM) is wider in scope. Here, the organization tries to deal with risks that are not insurable.
For instance, if there is an accident in the workplace and some employees suffer physical harm, then the financial loss arising from the harm can be covered by insurance. However, the accident also causes a loss to the reputation of the organization. This harm is not easy to quantify and hence cannot be insured.
The enterprise risk management (ERM) considers risks that would not be admissible in a traditional environment viz. damage to the company’s social media presence, damage caused by vendor disruptions, damage caused by incorrect mergers and acquisitions, etc.
Traditional risk management is only focused on one aspect of risks. This aspect is known as the probable impact. The probable impact is a product of the probability of a risk occurring along with the financial impact of the risk.
The enterprise risk management (ERM) framework is more holistic in nature. Instead of just trying to minimize the probable impact, it looks deeper to see how the risk affects the strategic goals of the organization. Some of the common questions asked by practitioners of enterprise risk management (ERM) are as follows:
Basically, enterprise risk management (ERM) helps look at risks from a broader perspective. Loss prevention is not the only key metric and other dimensions such as timing, information, and preparedness are also evaluated.
In a traditional risk management environment, the risk is managed in a decentralized fashion. This generally means that every department discovers its own risks and makes a plan to mitigate them. These approaches may be right at the department level. However, when aggregated at the company level, these risks can often be inconsistent, contradictory, conflicting, and outright inefficient.
Risk management literature is full of cases wherein managers have inadvertently created risks in other parts of the organization while trying to minimize their own risk. Also, in many cases, resources are wasted when departments act in a silo.
A centralized risk management department is known to be more efficient and consumes much fewer resources. Another issue is that sometimes risks span different departments. In such cases, there is conflict regarding the ownership of these risks.
It is for this reason that enterprise risk management (ERM) takes a more centralized approach towards risk management. Here, decisions related to risk management are taken at the enterprise level. The purpose is not to work in the best interests of any department but of the organization as a whole.
Traditional risk management is often reactive in nature. This means that it is either reacting to an event that has taken place in the present or preventing an event that has taken place in the past. Traditional risk management relies on empirical data. However, a lot of risks are the result of newer technologies. Hence, they cannot be understood while looking in a rearview mirror.
New-age technologies create newer unseen risks and market shifts. This is whether the concept of enterprise risk management (ERM) comes into place. The emphasis is on trying to find out how the future will play out while keeping the current context in mind.
The traditional risk management process is more or less standardized. Over the years, several frameworks and models have been developed. Implementing these frameworks is a fairly standard and common process and can be easily implemented. These processes cover most of the standard risks which an organization faces.
However, there are some non-standard risks being faced by organizations as well. This is why a more customized approach is necessary for enterprise risk management (ERM). The customized approach is not focused on compliances like the traditional approach. Instead, it is a more creative function that uses creativity as well as statistical skills in order to predict the possible risks.
The bottom line is that enterprise risk management (ERM) is a wider and more advanced version as compared to traditional risk management. The differences between them are significant. With the passage of time, more and more organizations are migrating towards the use of enterprise risk management (ERM).
Your email address will not be published. Required fields are marked *
