Category Archives: Enterprise Risk Management

Immediate Vault Immediate Access

RIMS Risk Forum India 2021: Building Resilience As COVID, Cyberrisk Top Business Risks

Posted on by

An increasingly key theme year over year, resilience is at the root of the latest Excellence in Risk Management India report from Marsh and RIMS—and the RIMS Risk Forum India 2021 virtual event, where the report was officially released today. In the second year of the COVID-19 pandemic, risk professionals in India reported acute short- and long-term concerns about the interconnected risks of COVID-19 cases, global economic recession, and surging cyberrisks amid shifts in work arrangements.

In addition to the death of more than 5 million people in India, the pandemic has taken a considerable economic toll on the region. “According to the Organization for Economic Co-operation and Development (OECD), India’s economy contracted by close to 8% in 2020, while the world’s economy contracted by 3.5%,” the report noted. “Despite the OECD’s projections for economic expansion—both in India and globally—in 2021 and 2022, the potential for a prolonged global recession remains a concern for organizations in India.

buy fildena online orthomich.com/img/blog/jpg/fildena.html no prescription pharmacy

Previously one of the top risks for India-based risk professionals before COVID-19, cyberrisk has also increased significantly with the pandemic and the shift to remote work. “The shift to a remote workforce necessitated by sweeping lockdowns to stem the spread of the pandemic is widely seen as having increased cyberrisk,” Marsh and RIMS noted. “The Indian Computer Emergency Response Team (CERT-In) data indicated that cyberattacks in India rose by 300% in 2020, according to news reports. And cyber risk remained elevated in 2021, with more than 600,000 cybersecurity incidents reported in the first six months of the year alone, according to CERT.”

The continuing pandemic, resulting fallout, and ever-growing cyberrisk have presented the biggest risks for organizations in India in 2021, and the survey indicates that local risk professionals expect these to dominate the agenda for businesses in the year to come.

Despite the considerable concern, few respondents said their company is fully prepared for the continued fallout from COVID-19 or future pandemics. Asked to rate their organization’s preparedness from 1 to 5 (not prepared to fully prepared, respectively), the majority of India-based risk professionals ranked their organization a 3, and only 10% said they are fully prepared. While cyberrisk has been a top threat for longer, preparation is not much better for the threat—only a quarter of Indian companies said they are fully prepared for a cyberattack. This is particularly concerning as “some extent of remote work is expected to remain, leading to concerns of increased cyberattacks due to unsecured home networks,” Marsh said in a press release.

According to the report, this underscores the imperative to develop robust risk management strategies for both current and emerging risks and to focus on building resilience. Marsh identified four “common behaviors among companies that are on the path to becoming more resilient”: anticipating risk, connecting risk management to business strategy, avoiding gaps in the perception of preparedness, and measuring relevant data. Marsh and RIMS explained these further, defining key pillars that have set successful businesses apart, and potentially also offering considerations for other organizations to develop more mature risk management programs:

  • Anticipation: Resilient companies expect the unexpected. They have crisis management plans in place, but they also dig deeper, look farther ahead. Consider that during the pandemic even organizations with thorough business continuity plans struggled. Why? Many of them didn’t fully anticipate the widespread, long-lasting damage a pandemic could create.
  • Integration: Another key behavior among resilient organizations is to fully integrate risk management with operations and strategy. Doing so increases the ability to develop effective responses. Most organizations do not connect resilience planning with their long-term investment strategy. Those that do make the connection are on the path to better mitigating financial exposure, reputational damage, business interruption, and other losses.
    buy solosec online orthomich.com/img/blog/jpg/solosec.html no prescription pharmacy


  • Preparedness: On the journey to resilience, it’s important to develop an accurate perception of an organization’s preparedness. A false sense of security can halt an organization in its tracks. Companies often overestimate how quickly and effectively they will be able to respond to and recover from a given risk.
    buy antabuse online orthomich.com/img/blog/jpg/antabuse.html no prescription pharmacy

  • Measurement: There is no shortage of data and analytics in today’s business environment. But consistently applying metrics can be a stumbling block. Many companies fail to conduct a high rate of modeling and forecasting even on risks they see as important. And among the companies that do so, most only model in select areas.

Marsh and RIMS recommended that organizations in India focus on resilience heading into 2022 and beyond. “Resilience means being able to absorb the impact from a range of emerging risks and depends in large part on having robust risk management strategies in place,” the report explained. “This includes anticipating risk, connecting risk management to business strategy, ensuring your organization’s perception of preparedness doesn’t lead to a false sense of security, and measuring relevant data.”

Respondents largely indicated that their organization planned to increase investment in risk management, with 55% saying they expect increased resources, 27% expecting investment to stay the same, and only 4% expecting a decrease. This could be a critical differentiator in navigating COVID-19 recovery and other emerging risks in 2022. Indeed, 42% cited budget at the most critical barrier to understanding the impact of emerging risks on risk management.

Among the takeaways from the report, Marsh and RIMS urged organizations to invest in preparedness. “Look beyond pandemic as you develop a risk management strategy that is prepared to respond to any number of emerging risks,” the report said. “For example, shifting work patterns have intensified an already escalating cyber risk landscape that calls for a range of responses, from scenario planning to financial quantification.”

In addition to a panel on the Excellence in Risk Management India report, the RIMS Risk Forum India 2021 virtual event includes a number of sessions that address resilience challenges and opportunities for risk professionals in India. The program includes keynote addresses by Ajay Srinivasan, chief executive officer at Aditya Birla Capital Limited (ABCL), and Dr. Soumya Kanti Ghosh, group chief economic advisor at the State Bank of India, as well as education sessions like “Cyber Risk Management: A Priority for a Resilient Economy,” “Climate Risk and Your Path to Resilience,” “What COVID-19 Has Taught Us About ESG Risks and Why Risk Management Needs to Change,” and “Breaking the Chain: How Understanding Business Interruption Exposures Can Mean Supply Chain Resilience.”

The RIMS Risk Forum India 2021 virtual event continues tomorrow, December 4, and sessions will also be available for on-demand viewing for the next 60 days. Registration can be found here: https://www.rims.org/events/rf/india-forum-2021

RIMS ERM Conference 2021: IRS Receives Global Enterprise Risk Management Award of Distinction

Posted on by

On Friday, RIMS President Ellen Dunkin presented the Internal Revenue Service (IRS) with the 2021 Global Enterprise Risk Management Award of Distinction at the Society’s ERM Conference in New York City. The honor recognized the IRS’s outstanding achievements that allow it to anticipate emerging risks and establish the appropriate culture, processes and structures to strengthen strategic decision-making. 

Navigating the impacts of an extended government shutdown, sweeping tax reforms, operational disruption due to the COVID-19 pandemic and providing essential financial relief to thousands of businesses and individuals across the United States, the IRS ERM program helped the agency to remain resilient and effectively manage a multitude of dynamic challenges.

“Through the ERM program’s focus on embedding risk management capabilities into the existing structures and operations, the agency has become more risk aware,” said Jeffrey Tribiano, the IRS’s deputy commissioner for operations support. “There is also greater collaboration across the enterprise to address significant risks that require efforts from multiple business units. By effectively highlighting the enterprise-wide effects of risks, and by capturing risks on the enterprise risk profile, ERM has helped garner agency-wide attention and support for measures to help address the risks. Since IRS established its ERM program in 2014, it has played a critical role in helping the agency to better understand and respond to risk, thus making the organization more resilient and better able to serve the American people.” 

This year, RIMS honored three other organizations for their exceptional accomplishments developing, implementing and maturing ERM within their organizations. Honorees included:

  • 2021 RIMS Global ERM Award of Distinction Honorable Mention: Dallas Fort Worth International Airport
  • 2021 RIMS ERM Award of Distinction–U.S. Honoree: Eversource Energy
  • 2021 RIMS ERM Award of Distinction–International Honoree: EuroChem

“Enterprise risk management continues to deliver exceptional value to organizations, allowing them to successfully address emerging risks while also identifying and leveraging opportunities that might not have otherwise been apparent,” Dunkin said. “Risk professionals get better—and deliver better results—by learning from each other. We are so grateful to the IRS and all of honorees for sharing their ERM journeys with the RIMS community and doing their part to advance this rewarding profession.” 

Judging criteria for the Global ERM Award of Distinction include measurable, tangible and sustainable results; unique program strengths; ERM innovation that links risk with strategy or performance; and the program’s ability to build sustaining risk management capabilities. The panel comprises members of RIMS Strategic and Enterprise Risk Management Council.

RIMS ERM Conference 2021 was held November 11-12 in New York City and virtually. The program themed “ERM in an ESG World” focused on the growing risks stemming from environmental, social and governance challenges.

RIMS ERM Conference 2021: Lloyd’s Chairman on the Vital Role of Risk Management in Fighting Climate Change

Posted on by

With climate change quickly becoming one of the most important issues facing the world, Lloyd’s Chairman Bruce Carnegie-Brown stressed the importance of ESG initiatives to address the threat, as well as the vital role of risk managers, in today’s keynote address at the RIMS ERM Conference 2021 in New York City.

As evidenced by the increasing number of weather and climate-related natural disasters in recent years, the stakes couldn’t be higher for organizations and communities around the world, according to Carnegie-Brown. “Disruption, poorly managed, could destabilize our economy,” he said.

buy vidalista online sinusys.com/email/img/jpg/vidalista.html no prescription pharmacy

“Delay could destroy our ecosystem.”

Failing to take action on the climate change threat is not a sustainable strategy and will only exacerbate the damage in the future, Carnegie-Brown warned. In the face of these threats, risk managers have an important role to play in helping their organizations embrace ESG and become more resilient. “A business’s risk operations are an essential component of building ESG into the organization—often they are the driving force.

buy ciprodex online sinusys.com/email/img/jpg/ciprodex.html no prescription pharmacy

” he said. “Executives rely on their insight to power their decisions and navigate the pitfalls of new challenges. Like insurance, it enables braver decisions and more courageous action. Communicated effectively, that insight can establish a permanent place at the table for risk management.”

To be most effective, Carnegie-Brown suggested that risk managers play close attention to how they are perceived and how they interact with the rest of the organization. “If risk managers are perceived as being reactive, we need to make sure we are on the front-foot in understanding and assessing these emerging issues,” he said. “If we’re perceived as operating in the shadows, we need to be transparent in our methodology and in our motives. And if we’re perceived as obstructive, we should consider a flexible approach that allows our organizations to act innovatively and with an awareness of the potential risk.”

While it represents a daunting challenge, Carnegie-Brown saw an opportunity for risk managers to demonstrate their value by taking on the difficult task of developing organization-wide plans to address climate change. “Those plans must account for the multifaceted nature of environmental risk, they must employ the best of our skills and technologies to communicate the risk to our stakeholders, and they must be built to facilitate and orderly and urgent transition,” he said.

buy spiriva online sinusys.com/email/img/jpg/spiriva.html no prescription pharmacy

“Achieving this will allow us to carve out a pioneering role for risk management in the fight against climate change, while helping our organizations to become more inviting to investors, more attractive to prospective employees, and more likely to last sustainably in the decades to come.”

RIMS ERM Conference 2021: A Case-Study Approach to “Solve Any DEI Issue in One Hour”

Posted on by

At today’s RIMS ERM Conference 2021, a hybrid event with in-person experiences in New York City and virtual content online, many of the presenters focused on the intersection of ERM (enterprise risk management) with other mission-critical three-letter topics, including ESG (environmental, social and governance) and DEI (diversity, equity and inclusion).

In one of the afternoon’s sessions, “Identify and Solve Any Organizational DEI Issue In One Hour,” presenter Layne Kertamus, professional in residence of risk management and insurance at Utah Valley University, explored “new ways to talk about what needs to be said, and what needs to be listened to.”

“Most organizations that I’m aware of have moved past the idea that they have to do something on [DEI] issues for our stakeholders—it has moved on to ‘We cannot afford to not have some real results in these arenas’ and that should be motivation enough, if we needed any motivation,” Kertamus said. “The issue will not go away and it will evolve. Hopefully we can find a way to make this not just a prompt for change, but a real asset.”

Kertamus noted the particular challenges of the “frozen middle” in implementing meaningful DEI initiatives. Middle management feels pressure from both above and below to take DEI action, and “may react to hearing these goals with concern or dread—for example, thinking ‘My status and opportunities may now be more limited than they were before.’”

With the “why” and other background largely established, Kertamus focused the session on one approach to the “how” of DEI-related change. While many DEI discussions start with general open forums and reminders about being respectful and open, he noted that some of these approaches may lead to inauthentic or surface-level outcomes. To really get into an authentic plan that gains acceptance, Kertamus said, “sometimes we need to create environments where we can talk the way we need to talk.”

He proposed that organizations adopt a case study method to facilitate some of these discussions, outlining the “one hour” from his session’s title:

  • With this method, a “case presenter” brings their concern, challenge or passion to present a large-scale DEI-related issue in the workplace that impacts other stakeholders. A facilitator should be selected and need not be an expert, but must bring an open mind and a willingness to enforce time limits. A group of “peer consultants” is then gathered from across the company, perhaps at different levels or in different departments.
    online pharmacy lexapro with best prices today in the USA

  • First, the group listens to a five minute presentation from the case presenter, and then spends 10 minutes asking fact-based questions directed through the facilitator.
    online pharmacy flomax with best prices today in the USA

    It is critical that the questions are directed and perhaps even pointed, but be focused on facts and not opinions or defenses.
    online pharmacy cozaar with best prices today in the USA

  • The largest segment of the process is a group diagnostic session, spending 20 minutes examining what, if anything, the presenter may have left out, may have ignored as a result of their own lived experience, or other gaps in the issue. It is critical not to jump to solutions in this phase—you may get “answers,” but the purpose here is true diagnosis.
  • The next 10 minutes should be spent on group action brainstorming, brainstorming solutions for the presenter, embracing all perspectives and bringing personal experience, values, and insight to the table. “Be willing to give the presenter bad news, if necessary,” Kertamus urged. For example, you may need to acknowledge that there is no solution, or that they missed a strategic opportunity along the way. The presenter should remain quiet and listen during this step.
  • Next, the presenter gets 10 minutes to respond to the discussion, speaking candidly and asking questions after listening to the group’s brainstorming session. “This can be a defensive time, they may feel beat up, but it can also be an opportunity for real connection, understanding, and for making agreements and commitments moving forward,” he said.
  • If agreements are made, one question is critical before adjourning: “When will you move forward using action steps recommended today?” This can be a critical moment in advancing concrete plans and changes in attitude or approach to DEI in the workplace.

While this approach can be used with a wide range of issues as the focus “case,” Kertamus noted it is particularly useful with “problems where someone cannot just use their authority to impose a change or solution,” for example, a leader who has tried to implement changes and build equity and inclusion as values in a department but keeps meeting resistance. “This is really for instances where you accept the mission of the organization and want to make it real or palpable, but cannot just impose it, you need to open other dialogues,” he said.

If you are not attending the RIMS ERM Conference 2021 live this week, “Identify and Solve Any Organizational DEI Issue In One Hour” and other sessions from the event will be available to stream online during the event or later on-demand.