Enterprise Risk Management, (or ERM for short), has shot into prominence in recent years and is now considered to be an essential element in the governance framework of organisations, both small and large, across both private and public sectors, including for-profit and not-for-profit organisations.
As such, understanding core ERM principles is also becoming an essential skill set for executive managers and company directors, irrespective of organisational size or industry type.
So What Is Enterprise Risk Management?
In very simple terms ERM is a methodology that assists managers to predict future events, which may impact (positively or negatively) on their business activities across their enterprise, and allows them to take appropriate actions to address the impact of these events.
If you have a moment, re-read the preceding paragraph and think about it for another second or two.
If all managers could in fact effectively predict future events, and prepare their organisations for the impact of these events, the prospects of an organisation actually achieving its desired strategic goals and objectives would increase exponentially.
That is why organisations that are effectively practicing ERM are gaining significant competitive advantages, and the executives behind these ERM programs are finding themselves in increasing demand.
Sounds good! If We Practice ERM What Benefits Can We Expect to Gain?
Organisations that embrace Enterprise Risk Management and effectively implement an integrated ERM Program, can expect to experience some, (if not all), of the following benefits:
- Significant increase in the likelihood of achieving strategic goals and objectives;
- Avoidance of “fire fighting” as reactive management giving way to proactive decision making;
- Enhanced ability to identify and manage future threats and opportunities;
- Enhanced ability to comply with legal and regulatory obligations;
- Avoidance of adverse risk events, or at least minimisation of the impact if these events are to occur;
- Establishment of a reliable basis for decision making and planning as key non-financial information becomes readily accessible by management and directors alike;
- Improvement of operational effectiveness, business processes and controls;
- The ability to allocate internal resources more effectively;
- Minimisation of business complexity and optimisation of transparency;
- Enhanced reputation management;
- Increased profitability; and
- Increased shareholder/stakeholder value.
Is This Another Fad Or is ERM Here to Stay?
For anyone who has been exposed to concepts such as Total Quality Management, Process Re-Engineering, etc this question is more than reasonable. Surely this is just another fad that will go the way of the yo-yo?
Well….uh … no. That is not going to happen. The reason is, that unlike other management methodologies, ERM (or at least risk management) has been picked up by law makers and, for most organisations, managing risks is now a key legal and regulatory compliance obligation.
The interesting thing is that whilst this risk management trend started with Australian Financial Services Licensees (AFSL) and Australian Securities Exchange (ASX) listed entities, shortly followed by reporting entities under the AML/CTF (Anti-Money Laundering and Counter Terrorism Financing) legislation and the National Credit Laws, it has now spread rapidly through the public sector and the not-for-profit sector. And don’t forget that risk management is at the very heart of Australia’s new Work Health & Safety laws, which means that in practical terms there are very few organisations in Australia that are not currently being touched by the risk management bug in some way.
Unlike traditional risk management approaches, which tend to have been managed through silos (e.g. safety, finance, insurable risk) ERM draws together risks across the whole of an enterprise, allowing directors and officers to make decisions based on the highest quality financial and non-financial information.
What Can CompliSpace Do To Help?
CompliSpace is one of Australia’s thought leaders in Enterprise Risk Management with our senior management team having a combined 25 years experience working with a diverse range of organisations to design and implement enterprise risk management programs. We worked out long ago that when it comes to risk management, “excel spreadsheets” don’t work. To get the true benefits from an ERM system, organisations have to adopt a methodical approach to design and implementation and adopt appropriate technologies where appropriate.
Over the past few years we have published numerous blogs addressing risk management issues and have set up a section on our blog dedicated to this topic. For those of you just starting out in the ERM space, we would love to hear from you. Drop us a comment about issues you are experiencing and we will prioritise these in our future blogs. Remember in ERM there is no such thing as a stupid question.