The recent Enterprise Risk Management (ERM) Workshop held by North Carolina State University was chock full of valuable information. It was attended by seasoned risk and audit professionals all looking for ways to improve the effectiveness of their own ERM programs.
The common conclusion was that aligning ERM with strategic planning is critical to afford an organization’s senior leadership the opportunity to factor ERM into decision making. It is easy to compartmentalize risks into neat little categories or silos, but our discussions underscored the need for an organization to visualize how a risk can impact multiple silos and how that interdependency will impact the organization. ERM and the strategic planning process in a company must be aligned – and the general consensus was that the ERM champion in an organization should participate in (or at least attend) the strategic planning meetings.
How the ERM function communicates material risks to the board was also a well discussed topic. In the research material provided by NC State, slightly more than 50 percent of the companies surveyed communicated between one and five risks to their board, with the percentage dropping sharply to 20.1 percent for five to nine risks. This puts added pressure on the ERM staff person to have a meaningful framework and vet the results of the ERM efforts carefully so that senior leadership can communicate only the more material issues to the board.
Many companies are responding to the pressure to avoid business surprises by establishing a board-level risk committee, or are expanding the focus of the audit committee. This trend further supports the view by boards that the identification and management of risks that can hinder an organization from reaching its strategic goals is a critical maturity point in the ERM process.
Overall, the conference was very useful and informative. We heard from two speakers about the framework they use and real-life challenges they have had. The speakers also were very candid about the value their program brings to their organization and that it was not an overnight process. Many times during the conference the concept of continuous improvement and learning was emphasized.
As you know, I am very supportive of any organization that decides to embrace ERM. It will add value and a new dimension of information to support thoughtful decision making. If supported by management it will also play a meaningful role in the strategic planning process and help senior leadership communicate the materials risks of the company and how they are being addressed to their board and stakeholders.
About the Author
Albert Sica is the Managing Principal with The ALS Group. You can read more about Al or contact him here.
Click here to request more information about The ALS Group or developing an enterprise risk management program.