Immediate Vault Immediate Access

2012 RIMS Canada Conference: A Photo Essay

The 2012 RIMS Canada Conference in Saskatoon was a resounding success. But instead of telling you how much fun it was, I’d like to show you.

online pharmacy cytotec with best prices today in the USA

Here it is, the conference highlights in photo (and even a bit of video) form:

RIMS President Deborah Luthi speaks with a 2012 RIMS Canada attendee during the opening ceremony in Saskatoon, Saskatchewan Province.

Guests enjoying the opening reception.

RIMS Executive Director Mary Roth and one of the conference’s “referees.

online pharmacy keflex with best prices today in the USA

 

Games and prizes at the opening reception.

Saskatoon’s very own beer was on hand during the opening reception.

Can you spot Craig Rowe from ClearRisk?

RIMS board member Robert Cartwright with guests at the conference’s opening reception.

Performers at the conference tailgate party.

online pharmacy zofran with best prices today in the USA

Click here to see Nowell Seaman perform with the band.

Canada’s best cover band performing Madonna’s “Holiday.”

Important members of the conference at the grand finale — the 2012 RIMS Canada Conference’s tailgate party.

Until next year in beautiful Victoria, British Columbia.

The Key to an Effective ERM Program

What is the key to an effective ERM program?

Culture.

That’s according to Diana Del Bel Beluz of Risk Wise, Inc. Her session at the 2012 RIMS Canada Conference focused on the culture of an organization and how it can make or break a company’s ERM program.

“What is enterprise risk?” she asked. “Events or circumstances that could influence either the organization’s ability to achieve its mission or strategic objectives or its reputation, strength and viability.”

The purpose of risk management:

  • Establish strategic context
  • Monitor and review risks
  • Respond to risks
  • Identify risks
  • Assess and prioritize risks

“We do these things to communicate and align to risk appetite,” said Del Bel Belluz.

She stressed that corporate culture is the actions of leaders — observable artifacts, shared values and tacit assumptions.

online pharmacy vidalista with best prices today in the USA

It is this culture, she says, that is the number one ingredient for effective risk management

But what is risk management? “The culture, processes and structures that are directed towards realizing potential opportunities whilst managing adverse effects,” said Del Bel Belluz.

To her, the traits of a healthy risk culture are:

  • Accountability — “It’s not about blaming, it’s about understanding why it went right or why it went wrong.”
  • Open and inquiring
  • Performance oriented
  • Prepared and ready
  • Collaborative
  • Vigilant
  • Innovative
  • Adaptable and resilient

“To implement sustainable risk management you need to create a plan, have a strategy, create buy-in and have implementation — leadership, communication, for example, educating, listening, coaching,” she stressed.

There are three sources of resistance, however. They are:

  • Rational 20% — the business case (costs, benefits)
  • Emotional 60% — self-interest, fear, comfort, attachment
  • Political 20% — shift in power structure

Del Bel Belluz then breaks down the categories of resistance:

Rational resistance

  • Establish urgency
  • Form guiding coalition
  • Create vision
  • Communicate vision
  • Empower employees to act
  • Generate short term wins
  • Consolidate gains and produce more change
  • Anchor new approaches

Emotional resistance

“You have to revert down to the bottom of the hierarchy when dealing with emotional resistance,” said Del Bel Belluz.

Political resistance

To best explain political resistance, Del Bel Belluz referred to a famous quote from Niccoló Machiavelli, which states:

There is nothing more difficult to execute, nor more dubious of success, nor more dangerous to administer than to introduce a new system of things: for he who introduces it has all those who profit from the old system as his enemies, and he has only lukewarm allies in all those who might profit from the new system.

Whether you fully agree with Del Bel Belluz or not, one thing is certain — culture most definitely plays a part in establishing an effective enterprise risk management program. How much of part depends on the company. But those who feel culture is insignificant to ERM may find, sooner or later, that their program is deeply flawed.

The Evolving Role of the Risk Professional: A Panel Discussion at the 2012 RIMS Canada Conference

The role of the risk manager is in a state of continuous flux, with responsibilities for risk managers being added as modern risks are revealed. At the 2012 RIMS Canada Conference, a panel of some of the finest minds in the discipline gathered to discuss this issue in a panel discussion titled, “Are We There Yet? The Evolving Role of the Risk Management Professional.”

The panel included:

  • Robert Cartwright, loss prevention manager for Bridgestone Retail Operations, LLC
  • Nancy Chambers, director of risk management and insurance for NRES, Bentall Kennedy LP
  • Dan Kugler, assistant treasurer risk management for Snap-On Inc.
  • Deborah Luthi, RIMS president and enterprise risk manager for the San Francisco Public Utilities Commission

The following are each speakers thoughts on the matter:

Robert Cartwright: “Risk management has changed from the traditional buying of insurance,” said Cartwright. “We have a multi-generational focus today.”

The different approaches to risk management, as stated in the Marsh Excellence in Risk Management study:

  • Traditional — you have your job and I have my job, focused on transferring, not linked to corporate strategy
  • Integrated/advanced — focuses on mission statements and you’ll get the attention of the c-suite
  • ERM — enterprise means everybody, no longer a silted approach. everyone in the org has a risk. develop 3-5 ear plan and now we have a rm program.

The current, inter-generational workforce

  • For the first time, we have five generations in the workforce
  • There is a shift in management philosophies
  • Lack of historical/knowledge transfer, “That’s the biggest problem that we have,” said Cartwright. “There is historical knowledge that needs to be passed on to the next group. Without historical knowledge, your company is doomed to fail and repeat mistakes.”
  • Communication gaps — the issue of how we say things
  • Technical abilities drive work ethic
  • Motivation through generations

Social media guidelines:

  • Major news source — “You don’t have to wait for the newspaper to come out anymore,” said Cartwright. “You can go to Twitter.”
  • Generational usage differs — “How many people use Facebook for investigating their employees on workers comp,” Cartwright asked. “We do. Facebook is a public entity. There is no governance. We have to find a way to govern it but most companies don’t even have a social media policy.”
  • Lack of workplace guidelines creates confusion
  • Insurances to protect employers
  • Use in hiring practices

Nancy Chambers: What is your place within the organization?

  • Clearly defining and establishing your role, “You really have to look at the expectations of your senior management, then look at what value you are providing to the organization.”
  • Identifying and responding to expectations
  • Demonstrating value to the bottom line of the organization

What’s on the Horizon?

“There is an increased focus on data,” said Chambers. But there are things to consider regarding data, including:

  • Must be comprehensive and credible
  • Senior management must make informed decisions
  • Insurers desire a well-risk-managed account (ERM)

The changing risk landscape:

  • Reputational — “We have a reputational risk because our major resource is our people,” said Chambers. “For us reputational risk is huge.”
  • Cat loss categorization — “Used to be only earthquakes. Now they’re looking at windstorms, flood plains and hail storms.”
  • Regulatory change — “Especially in the areas of environmental.”

“Make the most of your opportunities,” said Chambers. “Be aware and make the most of your message. Be visible, be valuable, be strategic.”

Dan Kugler voiced his support for an idea that may be new to many: entreprenuerial risk management, or ERMe.

“There is an evolving risk professional,” Kugler said. “I  wasn’t going to talk about this but I think RIMS is looking at how we are going to put everybody into the risk professional tent. One article that I keep in my mind is the 2012 RIMS Benchmark Survey. It asked risk managers where they go to get risk management expertise. It said we go to our brokers, to our insurance carriers, it said we go to outside vendors.

“So start thinking about not only the evolving job you have, but who is a risk professional.”

ERMe is a balance between the traditional concepts of preserve, protect and comply (the downside of risk) with build, expand and exploit (managing the upside of risk).

  • when you’re sitting, looking at whoat you do in your job, become an entrepreneur.
  • preserve, protect and comply + build, expand and exploit = entrepreneurial risk management
  • contented evolution of rm

Kugler then shared an interesting fact about the number of Google searches for “risk management.”

  • 2006 and 2007: 3.2 million
  • 2008 and 2009: 27.3 million
  • 2010: more than 63 million

According to Accenture, 85% of companies said that risk managment has become a driver of competitive advantage for their company. Kugler wrapped up by sharing his favorite quote:

“Failure to exploit an opportunity or competitive advantage can be considered a significant risk.”

Deborah Luthi delved into the top three risks as identified by those at the 2012 RIMS conference in Philadelphia. They are:

  1. Another economic decline or stagnation
  2. Cyber risks
  3. Bridging the talent gap

“A couple of years ago, these wouldn’t be on the list,” Luthi said. “Is there an insurance product out there for numbers one and three? No, there isn’t. We’re all beginning to think about un-insurable risks that our organizations have and we can’t purchase insurance for them.”

She then referenced the “Excellence in Risk Management” survey, listing senior management’s desired changes:

  • Integrating risk management deeper within operations
  • Executing daily risk management activities more efficiently, “This is directly related to data, being able to quantify those risks,” Luthi said.
  • Providing improved analysis and quantification
  • Leading ERM activities — “Oftentimes we are here talking about how many of you are doing risk management, but I think sometimes we wait to be invited to do that. Dan talked about how you need to be looking for those opportunities. We can all be entrepreneurial risk managers by helping our organization understand what risk management is.”

“Are we there yet? I certainly hope not. I hope this is the beginning. I think a name change is in order. ‘Risk manager’ comes with a lot of baggage.”

Are we there yet? According to the panel, if you believe so, you may be in for a rude awakening. Just as business risks continue to evolve, so too must the role of the risk manager.

Hans Lessoe Shares LEGO’s Risk Management Strategy at the 2012 RIMS Canada Conference

The 2012 RIMS Canada Conference in Saskatoon welcomed another exciting keynote speaker to its Monday lineup: respected strategist and risk manager Hans Lessoe from LEGO Systems in Denmark.

Lessoe has accumulated 31 years at LEGO, in positions ranging from supply chain to marketing to, now, risk manager.

“You can become a strategic risk manager from any point in the company,” Lessoe said. “The important thing is that you understand what drives the company, and what dynamics are within the company.”

So how did LEGO become one of the greatest champions or the risk management discipline? Here’s a timeline of the process according to Lessoe himself:

  • 2006 — we didn’t know what RM was
  • 2007 — came up with 200 risks, pared that down to 90, presented report to the board of directos, came up with systematic approach to cover strategic risks, made a risk map, made risk management at LEGO a full-time job
  • 2008 — added Monte Carlo simulations and learned that risk management is not about averages. Monte Carlo gave LEGO the risk tolerance we use today
  • 2009 — added a validation of risk controls, we believe we’re in control of our business, we begin doing larger product launches and developing new products
  • 2010 — start to manage risks using AROP software, which automatically provides the required reporting, AROP has improved the way LEGO manages project risk, now we believe we implement strategies well, strategic scenarios were developed based on best practices
  • 2011 — for individual strategies, we use relevant scenarios, identify and prioritize the strategic issues. “We don’t prioritize based on impact,” Lesso said. “We prioritized based on likelihood.”
  • 2012 — we now have a tool for this (complex spreadsheets), we optimize our risk management by using all three processes (Monte Carlo, AROP and Excel).

Now what? Lessoe shared LEGO’s thoughts on risk management going forward:

  • the ERM process is cumbersome and focused on top management
  • go further out/down in the organization
  • each leadership team should own a risk/opportunity portfolio
  • work to solve that issue by combining the strength and simplicity of the AROP tool with the best of ERM
  • the active use of scenarios is still in its infancy
  • we wish to ensure strategic impact
  • we wish to be naturally integrated
  • we wish to be requested sparring partners as we support conscious choices
  • we wish to make risk management a part of what we do

“Strategic risk management is not that complicated,” said Lessoe. “The difficulty is understanding the business and industry. It’s about identifying and assessing and handling and reporting. And then it’s about common sense. The only problem I have with common sense is that it’s by far the least common of the senses. There is a benefit to knowing whether you are taking the right amount of risk. When you’re ready, move upstream in the decision process.

“Do remember that risk management is not about risk aversion. If everything is under control, you’re moving too slow. You need to be able to take chances, but you need to know how many chances you can take. Risk management is a very, very small part of the success we’ve had.”

And success they’ve had. The company continues to grow while the toy industry, globally, is down 5%. LEGO, and Lessoe, are doing something right.