Risk Commentary

Enterprise Risk Management and Board of Directors

2018-11-24 / ERM Governance, Public Sector ERM, Risk Tolerance, Uncategorized / No Comment

What is the role of the Board of Directors with regard to Enterprise Risk Management? I recently addressed the Board members of Island Health, our local health authority, to answer this question.

The Board has already been given advice by the Healthcare Insurance Reciprocal of Canada. HIROC characterizes health authorities as “high reliability” organizations, meaning that any particular failure can have much larger catastrophic effects.

I suggested the following Board duties:

to review the rigour, quality and efficacy of the enterprise risk management regime itself;
to review the content, i.e., results of the risk assessment process, as applied to strategic plans – the risks that were identified; the mitigation plans created;
to ask critical questions regarding any element of the risk management practice, make suggestions, advise and guide the executive.

Similar to audit, the Board must maintain its independence. Unlike audit, which uses specific criteria and checks for compliance, each Board member formulates questions and criticism by drawing upon his or her unique individual background and expertise.

Eventually, the risk culture should mature so that a common understanding is developed among management, staff, and the board itself of how corporate values and risk ownership are understood and applied.

ERM: Solve Business Problems

2017-08-12 / How to do Risk Assessment, How to Implement ERM / No Comment

Enterprise risk management — correctly implemented — has an immediate practical benefit: to solve chronic and intractable business problems.

That might sound surprising, as many conceive of ERM as a compliance exercise, with purported eventual benefits, such as reduced volatility, managing strategic risk and lowering the cost of capital. But the value should be evident right away. How does ERM solve chronic and intractable business problems? Only if there is a very sharp, comprehensive and rigorous risk identification and assessment process. The trouble is that most embarking on risk ID use either a conventional approach (limited to, say, hazard risk, or “exposure to assets”) or use an ad hoc, informal approach, with no guidelines.

The challenge of developing high quality risk information (see my intro video) is the first concern when desigining an ERM program. If one pays attention to that, then magically the body of risk information is transformed from a lifeless, inert heap of re-hashed management complaints into an incisive and insightful analysis of the most critical business problems.

I have experienced this time and again with clients. Once the rigour and structure is properly introduced into the exercise, the chronic difficulties which had always escaped definition and proper analysis suddenly come to light. The result is people have much more confidence. They now see and understand previously undetected and unsuspected underlying risk, and are prepared to fix these conditions and move the organization forward.

Performance Management and ERM

2017-07-15 / Uncategorized / No Comment

Performance managmement plan as context for risk ID
“A performance management plan is a set of target measures against which actual results achieved by employees are compared. If the system is well designed, it forms a good framework for risk assessment. We can ask, “What is the risk that performance measure X will not be attained?” But this assumes that the target is meaningful.”
Read the rest of this entry »

ERM books selected as Laval University course texts

2016-12-14 / Uncategorized / No Comment

“Solving the Enterprise Risk Management Puzzle: Secrets to Successful Implementation” and companion volume “Enterprise Risk Management Tools and Templates” have been selected as course texts for Laval University’s ERM course ASR-4004 Gestion intégrée des risques en entreprise.

Relationship between Audit and Risk Management

2014-05-27 / Uncategorized / No Comment

based upon notes taken from Ch. 7 of the RIMS text Enterprise Risk Management, edited by Michael W. Elliott, published 2013 by The Institutes.

The Nature of Controls

According to the text, controls are used to assess whether the organization’s actions are the ones expected; to check that the organization’s processes are functioning as intended. Originally connected with detecting errors and fraud, they are now related to organization’s goals, financial reporting and compliance.
Read the rest of this entry »

Consulting For Lean Manufacturing

2014-01-15 / Uncategorized / Comments Off

In my last post on Lean Manufacturing, I said that there was a broader agenda at stake — namely, the survival of firms in the era of the decline of western manufacturing. Consultant Bill Chambless expresses a similar thought in his book Quantum Profits. He posits that the mastering of short-run customized production is the key to economic recovery.

Read the rest of this entry »

Lean Manufacturing – New Journey for Risk Managers

2014-01-15 / Uncategorized / No Comment

Diagram Should risk managers delve into Lean Manufacturing, or similar methods, at all? One of the key themes in this blog is the necessity for risk managers to expand their view and gain a seat at the planning table. It is only natural, after implementing risk assessment methods, to feel that one might add value by seeking better productivity.

There is a broader agenda here. The very survival of manufacturing and service industries is continually challenged, and the opportunities for gains are immense, both in administrative and industrial processes.

Planning and Innovation – Small-Medium Sized Enterprise

I am Planning and Innovation Lead for a small-medium sized enterprise in specialty metals manufacturing. Read the rest of this entry »

The Changing Role of the Risk Manager

2013-07-26 / Uncategorized / No Comment

In the RIMS 2012 report “The Evolving Role of the Risk Professional”, recommendations included that risk managers view risk in a new way that “builds internal alliances, and enhances the strategic decision-making capability”; this in turn would require “specialized communication and technical skills”. According to a Deloitte study, however, risk professionals are still perceived as working in silos, using limited skill sets. This post examines the risk manager’s required competencies.

The Definition of Risk
The definitions of risk given in the standards (e.g., ISO, COSO, AS/NZ) give the basis of my argument. They connect risk with organizational goals and objectives. These definitions imply the expansion of risk management beyond the conventional scope of corporate finance/audit and commercial insurance. New aspects of the risk management function — 6 specific roles — are discussed next. Read the rest of this entry »

« Older Entries

Recent Posts
ebook | print

FORTHCOMING

Solving the
Enterprise Risk
Management Puzzle:
Secrets to
Successful
Implementation

Enterprise Risk
Management
Tools and Templates

Available via Amazon:
PRINT or eBOOK
Kindle - configured for
reader, iPhone; iPad.
Risk Management – On Site Workshops

Canadian Enterprise Risk Management certification CRM-E and supporting workshop: "Enterprise Risk Management - Developing and Implementing"
Risk Management Online Training

Full courses: RIMS Fellow accreditation
High Quality Risk Assessment
Managing IT Risk/Cyber Threats
Risk Manager as Innovator
Categories
Categories
Archives
Archives
About

Edward Robertson - mechanical designer; planning and innovation lead; risk management consultant; instructor for Risk & Insurance Management Society (RIMS). Former Senior Manager, ERM, British Columbia Provincial Government (2002-08)
Bio and Contact info: ERTechnical.com

Recent Posts

ebook | print

Risk Management – On Site Workshops

Risk Management Online Training

Categories

Archives

About