Fundamentals of Risk Management
Future development of ERM
The COSO ERM cube represents a framework for undertaking enterprise risk management, although the COSO model gives an insufficient description of the risk management process itself. Nevertheless, the COSO approach is becoming more widespread, because the updated COSO Internal Control framework (2013) is the preferred approach for compliance with the requirements of the Sarbanes-Oxley Act. US companies with subsidiaries around the world frequently require those subsidiaries to adopt the COSO approach.

Other important developments in risk management are the publication in 2008 of British Standard BS 31100 and the publication in 2009 of the ISO risk management standard, ISO 31000. ISO 31000 was adopted by Standards Australia to replace the well-established Australian Standard AS 4360 (2004), which was first published in 1995. BS 31100 was revised and updated in 2011 to provide greater compatibility with ISO 31000.

Future developments in the practice of ERM are likely to focus on two key areas: firstly, ensuring that risk management activities are fully embedded in the core business processes of the organization; and secondly, demonstrating measurable financial benefits associated with the implementation of an enterprise risk management initiative. The embedding of ERM in the organization is achieved by leadership, involvement, learning, accountability and communication (LILAC). Developments in the practice of operational risk management are probably leading the way in the measurement of the total risk exposure of an organization. While considering the continued development of enterprise risk management, it is also worth commenting on the strong emergence of resilience as an organizational requirement for the 2010s.

The ISO 22300 series of standards will cover business continuity, crisis management and broader requirements concerned with the resilience of society in general and of organizations in particular. ISO 22301 on business continuity is discussed in Chapter 18, and the importance of the other standards in the ISO 22300 series is considered in Chapter 9.

In summary, the discipline of enterprise risk management has become established and is here to stay, but it has to be able to demonstrate significant and measurable financial benefits. These benefits need to be demonstrated as increased profit in private-sector organizations, and as enhanced efficiency and/or value-for-money delivery of services in the public sector. The box below suggests the keys to success in ERM.

Risk managers have the responsibility of selling the value added by risk management to the organization and its stakeholders, but this is not an easy task. How do risk managers sell the value they are generating when that value may only be realized when unforeseen events occur, or, if the new control systems are successful, when the risk never occurs? Risk managers need to remember that the actual implementation of an ERM programme generates value in itself. Often risk managers are so focused on successfully managing the programme that they do not have the time to communicate this value clearly to the organization. The greatest value coming from the development of a corporate risk management programme into an ERM system is the development of physical, financial and cultural resilience across the business, while still focusing on achieving overall business objectives.

Risk managers can be their own worst enemies, because one of the key attributes of a successful practitioner is a passion to tailor, implement and maintain an ERM programme. At the same time, this passion can be a weakness: the practitioner needs to remember that others do not always share it. One of the major challenges ERM programmes face is the development of an 'ivory tower' mentality, in which all risk knowledge and activity is concentrated in one department. Risk managers need to devise a system that encourages the migration of risk management methodologies and tools out into the organization. There is also a balancing act required: practitioners must not force the use of risk management processes on operational areas where they add little value. It is critical to the success of an ERM programme that its system is flexible enough to work with the organization to capture and manage the critical risks successfully, without adding unnecessary work on managing lower-level risks.