At this point in our podcast series we have deconstructed some of the misconceptions in the field; we reiterated the persisting and obvious need for Enterprise Risk Management; and we introduced viable definitions for both ERM and what I take to be its core process, High Quality Risk Assessment. You probably feel how my working methods trace a fairly tight logic.
Let’s continue that train of thought by considering now the step in High Quality Risk Assessment called Establish the Context.
What do the standards mean by “Establish the Context”? For ERM itself? or for a particular risk assessment?
What is the true significance of “Establish the Context” in an effective ERM program?
Hands-down, the best preparation for risk assessment is: write what I call a Context Paper.
If you compare your results to that of firms that simply use an informal approach, you will find that looking after your planning regime and preparing a context paper will move you light years ahead in conducting risk management.
Summary: What did we cover today?
The true meaning and purpose of Establish the Context.
The headings in what I call the Context Paper, used to prep a risk ID session:
1. Title of the plan under scrutiny
2. Goals and objectives of that plan
3. Corporate values
4. Risk categories
5. Stakeholder analysis
6. Procedural and due diligence points
Process in preparing the context paper.
“Do not introduce as risk things into the risk ID session which should, properly speaking, simply be trends and conditions that are already known -- that should have been taken into account in the formulation and design of the plans themselves.”
E. Robertson Solving the Enterprise Risk Management Puzzle: Secrets to Successful Implementation (2016)
The discussion on Establish begins in Chapter 2.2.
Final Episode: The C-Suite Considers ERMWhat are likely the key questions of senior executive in considering the adoptio
Opportunity and InnovationWhat is the “upside” of risk? Does ERM manage opportunity meaningfully? The whol
Due Diligence, Risk ID for Major ProjectsDue diligence is not the same as risk assessment, but they are complementary. Le
Is Financial Risk Management Equivalent to ERM?Enterprise Risk Management, for some, consists solely of Financial Risk Manageme