TRADITIONAL APPROACHES

Traditionally, the ERM process involves qualitative risk assessment and documentation. The following lists the standard approach and traditional ERM process, which of course, can be modified and adapted to fit the organization under analysis. Throughout the rest of the chapter, we will revisit some of these steps to incorporate Integrated Risk Management (IRM)® methods and overlay quantitative risk management techniques onto the process.

  • Establish senior management buy-in and risk-management culture.
  • Seek the board of directors’ and senior management’s involvement and oversight to discuss a risk-management framework and its benefits and to obtain agreement on high-level objectives and expectations with resources and target dates regarding risk management in line with the organization’s strategic plan.
  • Review existing ERM practices in the organization and identify the areas for improvement.
  • Facilitate initial training and working sessions to ensure buy-in and establish a risk-management culture with key personnel involved with ERM implementation.
  • Conduct working group discussions with stakeholders and key personnel to identify sources of risks.
  • Provide input for implementation in the strategic business planning process.
  • Coordinate the development, implementation, and monitoring of identified risk metrics.
  • Document risk inventories and mitigations within Risk Registers in the organization.
  • Develop risk dashboards for presentation to senior decisionmakers and the board of directors.
  • Assess exposure to the risk, assess the adequacy of existing risk mitigation or monitoring, and identify opportunities to enhance mitigation or monitoring activities, then suggest and build best practices for enhanced risk-adjusted returns.
  • Create reports that effectively and concisely supply the business intelligence based on risk measures that management needs to make cost-effective financial decisions.
  • Put in place a reporting process for management and the board.
  • Establish a management working group to support the resources identified and drive the risk-management effort across the organization.

 

error: Content is protected !!