In the previous article, we have discussed the concept of enterprise risk management (ERM) and how it is different from traditional risk management. We also discussed how enterprise risk management (ERM) is now being adopted by an increasingly large number of companies across the world. This large-scale adoption is because of the various benefits which are provided by this model.
In this article, we will have a closer look at some of the significant contributions of enterprise risk management (ERM) to the field of risk management in general.
- The Upside of Risk: Enterprise risk management (ERM) is the first discipline of study within the risk management domain which has recognized the potential upside of risks. Up until that point, the definition of risk generally had a negative connotation. This meant that risk was only defined in terms of losses. However, enterprise risk management (ERM) became the first framework to identify risks as a possible opportunity.
It also needs to be understood that the enterprise risk management (ERM) framework pays a lot of attention to the relationship amongst various risks. Practitioners of ERM are always looking out for how changes in the risk management plan for one risk have led to a change in the overall risk portfolio. The enterprise risk management (ERM) framework also adds business and strategic risks to the list. This approach considers the failure to innovate to be an important risk.
- Identification of Risk Owners: The enterprise risk management (ERM) approach differs from other approaches in the sense that it makes it mandatory for the risk governance committee to appoint one single person to be in charge of every risk. The framework mandates increasing the knowledge of the risk owners. The organization should ensure that they have the requisite skills and tools required to perform the role.
- Risk Management across All Levels: The enterprise risk management (ERM) framework states that the organization is made up of several levels. For instance, there are activities that need to be performed which create value for customers. Then there are various relationships within the organizations. These relationships could be external in the form of relationships with customers or suppliers.
Alternatively, they could be internal in the form of reporting relationships amongst various colleagues. Also, there are physical assets such as land, machinery, and other capital equipment.
The enterprise risk management (ERM) framework ensures that the risk management activities are done at all these levels. The crux of the framework is that the enterprise risk management (ERM) model must ensure that risk management is completely aligned with the overall business model.
- Centralized Risk Management: Prior to the advent of enterprise risk management (ERM), the risk management function was scattered at various places in the organization. Every department would create its own risk management plan. These plans would often be contradictory and counterproductive. This is where enterprise risk management (ERM) came into the picture. One of the biggest contributions of the enterprise risk management (ERM) framework is that it encourages the organization to have a look at the risks from the top.
The enterprise risk management (ERM) framework recommends that there should be one person in charge of all the risk management activities within the organization. This person should be from the higher management. This is because they need to have access to the top-level executives as well as to the board of directors. Having a centralized risk function also means that the organization benefits from economies of scale while buying insurance, derivatives, or other such products which are used to transfer risks.
- Extensive Documentation: The enterprise risk management (ERM) framework forces the business to do extensive documentation. This is done to ensure that a knowledge warehouse is created. The purpose of creating this repository is to ensure that the knowledge resides within the organization and not within a specific person. The concerned risk manager has to ensure that a visual representation of the relationships between various risks is made.
These visual relationships can provide a more intuitive interface for the organization to learn about the risks. Also, the details of various mitigation plans, the various options which were considered, and the decision criteria which was used need to be documented. This will help future managers when they make their decisions. Prior to enterprise risk management (ERM), there was not much emphasis on the documentation aspect.
- Standardize the Process: The enterprise risk management (ERM) framework provides users with a framework to standardize the decision-making related to risk management. It must be understood that the tools being used for risk management will not be standardized and neither will the options to mitigate the risks.
The framework provides high-level guidelines to standardize the steps. That is done to ensure that the risk management decisions taken across different time periods as well as by different risk managers continue to stay consistent. The model provides enough wiggle room which can be used by risk managers if they want to customize a decision.
The bottom line is that enterprise risk management (ERM) has been a very valuable part of the overall risk management subject. It has led to radical decisions being taken in the right direction as far as identification and management of risk is concerned. It is these benefits that are leading companies of all sizes, across the world, to readily adopt the steps suggested by this framework.
View All Articles