Tag Archives: ERM

Immediate Vault Immediate Access

RIMS ERM Conference 2021: A Case-Study Approach to “Solve Any DEI Issue in One Hour”

Posted on by

At today’s RIMS ERM Conference 2021, a hybrid event with in-person experiences in New York City and virtual content online, many of the presenters focused on the intersection of ERM (enterprise risk management) with other mission-critical three-letter topics, including ESG (environmental, social and governance) and DEI (diversity, equity and inclusion).

In one of the afternoon’s sessions, “Identify and Solve Any Organizational DEI Issue In One Hour,” presenter Layne Kertamus, professional in residence of risk management and insurance at Utah Valley University, explored “new ways to talk about what needs to be said, and what needs to be listened to.”

“Most organizations that I’m aware of have moved past the idea that they have to do something on [DEI] issues for our stakeholders—it has moved on to ‘We cannot afford to not have some real results in these arenas’ and that should be motivation enough, if we needed any motivation,” Kertamus said. “The issue will not go away and it will evolve. Hopefully we can find a way to make this not just a prompt for change, but a real asset.”

Kertamus noted the particular challenges of the “frozen middle” in implementing meaningful DEI initiatives. Middle management feels pressure from both above and below to take DEI action, and “may react to hearing these goals with concern or dread—for example, thinking ‘My status and opportunities may now be more limited than they were before.’”

With the “why” and other background largely established, Kertamus focused the session on one approach to the “how” of DEI-related change. While many DEI discussions start with general open forums and reminders about being respectful and open, he noted that some of these approaches may lead to inauthentic or surface-level outcomes. To really get into an authentic plan that gains acceptance, Kertamus said, “sometimes we need to create environments where we can talk the way we need to talk.”

He proposed that organizations adopt a case study method to facilitate some of these discussions, outlining the “one hour” from his session’s title:

  • With this method, a “case presenter” brings their concern, challenge or passion to present a large-scale DEI-related issue in the workplace that impacts other stakeholders. A facilitator should be selected and need not be an expert, but must bring an open mind and a willingness to enforce time limits. A group of “peer consultants” is then gathered from across the company, perhaps at different levels or in different departments.
    online pharmacy lexapro with best prices today in the USA

  • First, the group listens to a five minute presentation from the case presenter, and then spends 10 minutes asking fact-based questions directed through the facilitator.
    online pharmacy flomax with best prices today in the USA

    It is critical that the questions are directed and perhaps even pointed, but be focused on facts and not opinions or defenses.
    online pharmacy cozaar with best prices today in the USA

  • The largest segment of the process is a group diagnostic session, spending 20 minutes examining what, if anything, the presenter may have left out, may have ignored as a result of their own lived experience, or other gaps in the issue. It is critical not to jump to solutions in this phase—you may get “answers,” but the purpose here is true diagnosis.
  • The next 10 minutes should be spent on group action brainstorming, brainstorming solutions for the presenter, embracing all perspectives and bringing personal experience, values, and insight to the table. “Be willing to give the presenter bad news, if necessary,” Kertamus urged. For example, you may need to acknowledge that there is no solution, or that they missed a strategic opportunity along the way. The presenter should remain quiet and listen during this step.
  • Next, the presenter gets 10 minutes to respond to the discussion, speaking candidly and asking questions after listening to the group’s brainstorming session. “This can be a defensive time, they may feel beat up, but it can also be an opportunity for real connection, understanding, and for making agreements and commitments moving forward,” he said.
  • If agreements are made, one question is critical before adjourning: “When will you move forward using action steps recommended today?” This can be a critical moment in advancing concrete plans and changes in attitude or approach to DEI in the workplace.

While this approach can be used with a wide range of issues as the focus “case,” Kertamus noted it is particularly useful with “problems where someone cannot just use their authority to impose a change or solution,” for example, a leader who has tried to implement changes and build equity and inclusion as values in a department but keeps meeting resistance. “This is really for instances where you accept the mission of the organization and want to make it real or palpable, but cannot just impose it, you need to open other dialogues,” he said.

If you are not attending the RIMS ERM Conference 2021 live this week, “Identify and Solve Any Organizational DEI Issue In One Hour” and other sessions from the event will be available to stream online during the event or later on-demand.

Automating Risk Functions for Greater Value Creation

Posted on by

Despite recent volatility, more than 60% of risk executives surveyed in a recent PwC US Pulse Survey were optimistic about the global economy, as well as the state of the pandemic recovery. This optimism could stem from a greater alignment between risk functions and the business. Fifty percent of risk management executives reported interacting more with the C-suite, and 42% said they interact more with the board level. Nearly half of respondents said that risk functions and capabilities are now embedded in the business operations that are driving transformations.

Risk functions were once considered tactical and reactive, and often seen as a roadblock to business decisions. Infusing risk management into corporate planning allows an organization to think about compliance responsibilities in a proactive and strategic manner—moving risk and regulatory functions from a back-office cost to a competitive advantage. Staying ahead of uncertainties while also bolstering planning with data helps make companies stronger and more resilient.

Many companies spent the last decade overspending on risk management as they attempted to keep up with compliance and regulatory shifts, frequently lagging behind changes in policy. They often invested heavily in new technologies and data collection, but failed to create efficiencies by integrating those systems across largely siloed business functions. The swift onset of the pandemic made many organizations come to terms with the reality that an entire organization didn’t need to be reimagined in order to implement technological transformations, and that there was still a disconnect between many of the piecemeal systems that had been previously put in place.

Now, executives are increasingly seeing the value of risk management as a strategic advantage. It allows companies to grow in areas with less mature risk management functions, like taking on higher risk clients or entering new geographies. More intelligent monitoring also allows for increased efficiencies and reduced compliance costs.

Integrating AI and automation into the investments that have already been made can help streamline the risk management and compliance processes. Many companies still have room for improvement; only 25% of risk professionals said they were implementing new risk management technologies in 2021 and only 19% said it was a priority to integrate risk management tools onto a single platform.

By automating and enhancing risk management functions, organizations can:

  • Strategize for entering new markets. Make more informed decisions about entering a new market by taking into consideration a shifting regulatory environment and increasingly complex supply chains. Taking on high risk customers relies on analytics and transaction monitoring systems in order to identify potential suspicious activity.
  • Increase speed to respond. Automation and technology-led monitoring of policy and negative news helps position companies to respond more quickly to regulatory bodies and head off negative events before they go viral.
  • Allocate costs efficiently. No longer duplicate costs by operating the departments of your business in a siloed fashion. Leverage case management and workflow systems to aggregate control failures or suspicious activity by customer or focal entity, allowing you to evaluate the root cause and apply analysis across multiple control failures.
  • Enter new business partnerships more confidently. Know the risks of a potential business partnership and get deeper insights into the impact a business partner or vendor’s supply chain could have on your business. Vendor risk management and contract analytics technologies can monitor whether business partners are adhering to their terms and conditions.
  • Reduce the impact of new requirements.  Identify the blind spots and shed light on the potential risks within your enterprise system so you can quickly take action early in the process, allowing your organization to avoid fines when implementing new regulatory requirements.

Regulators and other stakeholders are increasingly calling for the organization of risk management functions under one cohesive point of view. By fixing the disconnects and setting a collaborative tone, you give senior executives more cohesive insights and allow them to adopt more extensive views on the organization’s risk profile.

RIMS ERM Conference Preview: Q&A with Keynote Dr. Andrea Bonime-Blanc

Posted on by

This year’s RIMS ERM Conference will be held virtually on November 4 and 5, 2020, promising two days packed with informative sessions featuring global risk leaders. The conference kicks off November 4th with a live keynote delivered by Dr. Andrea Bonime-Blanc, founder of GEC Risk Advisory and the author of Gloom to Boom: How Leaders Transform Risk Into Resilience and Value. She will also answer questions from the audience during a live session on November 5th.

Andrea Bonime-Blanc

Dr. Bonime-Blanc recently appeared on RIMScast to discuss her upcoming keynote; the role technology has played in environmental, social and governance risks (ESG); and what risk practitioners must do to succeed today. Check out some highlights below, and download RIMScast episodes 100 and 101 for a deeper dive with Dr. Bonime-Blanc into topics such as diversity, strategic risk management and ways ERM practitioners can generate and retain value. If you’d like to watch her keynote and join RIMS for the rest of the ERM Conference 2020, registration is now open for all attendees.

How did you first begin using and implementing ERM in your career?

Dr. Andrea Bonime-Blanc: I was the general counsel of a startup within a much larger utility company, and we were the global division that was going all over the world in the mid- to late-1990s and early 2000s looking for electric power generation distribution opportunities. I became the risk manager because…[someone] needed to put the risk hat on. We ended up creating programs, policies, procedures to really perform risk management. Building power plants in the middle of the jungle of Colombia or negotiating a joint venture with a Chinese government corporation running a coal mine in northern China presents a number of risks.

When did you notice how vital it was to “wear the risk hat”? 

AB-B: I’ll give you the example of an environmental, health and safety risk: When I was at PSEG, we went into a lot of different countries, including at least six or seven major Latin American countries that were privatizing their electric assets. There were competitions to acquire those assets in the first place, which created a whole bunch of risks from a standpoint of fraud and government corruption. I supervised the legal teams, and also led audit and finance teams. We had utility folks who understood the environmental, health and safety aspects of the assets we were looking at. There were cross-functional and cross-disciplinary teams that would work with the legal department and the general counsel’s office to figure out the risks involved with acquiring those potential assets. It showed how ERM done properly provides that way of collating and collecting really important, strategic information that is necessary at the highest levels of an organization.

How can diversity—of people and perspective—influence ERM in an organization?

AB-B: ERM is a collaborative process. It requires many different minds. A good ERM program will draw upon the knowledge of other key people and functions within an organization. If it’s a standalone program, it won’t work. Drawing on the knowledge and expertise and experience of your colleagues in different parts of the organization is crucial. Likewise, ESG plus T is all about understanding your non-financial issues as well as the risks that will have a financial impact.

You noted the addition of “T,” which stands for “technology”—why is technology so integral to ERM now, and how does it tie into your keynote?

AB-B: The technology piece has become so overwhelming, so suffusing, so minute-by-minute for us in the world that we live in—whether it’s negative like cyberattacks, or positive things, and there are so many other issues in between. We’re just starting to scratch the surface of both the negative and the positive in these technology issues.

Risk professionals have a role to play in creating the information that reaches the management and the board, and building a risk savvy culture. This includes building ERM that is integrated with the strategy of understanding the ESG+T issues that are part of your business, and how you integrate with crisis management and business continuity, for example. These are all pieces of the resilience model that I will share at the end of the keynote. It is something that risk professionals really need to understand, because it not only liberates you from your silo—if you’re in a silo—but it also demonstrates your value to the rest of the organization.

How to Leverage Risk Management to Influence Positive Business Outcomes

Posted on by

Business strategy and risk management occupy separate spaces in most organizations. Business strategy sits at an enterprise or executive level, but risk management usually functions at a tactical and operational level. A chasm often exists between the two groups, removing important risk-based context from pivotal business decisions.

To bridge the chasm, risk management professionals must demonstrate to business leaders the value of the information they possess for one primary reason: the long-term growth and good of the business. Risk management today, bolstered by advances in technology, contains vital data that can inform executive decision-making to support business strategy, reduce risks and ensure long-term growth. To that end, risk management professionals need to take four steps.

1: Understand Enterprise-level Objectives, Outcomes, and Metrics.

buy xtandi online orthomich.com/img/blog/jpg/xtandi.html no prescription pharmacy

Objectives might include increasing revenue, launching a new product or providing customer support in a timelier fashion. These objectives are strategic in nature and can be broken down into specific business outcomes such as increasing production by a certain percentage or publishing a set number of technology upgrades or enhancements each year. The business outcomes, in their own turn, are tracked and measured using business metrics.
buy lexapro online orthomich.com/img/blog/jpg/lexapro.html no prescription pharmacy

2: Correlate Business Objectives with Risk Management Activities. Risk management professionals can assess how enterprise-level concerns correlate to what risk management is doing on a day-to-day basis. This requires a distinct shift in perspective, since activities such as conducting risk assessments, establishing controls to mitigate the impact of risks and assessing residual risk—while incredibly important for risk managers—do not directly tie into the enterprise’s business objectives and strategies.

3: Establish Leading Key Indicators that Tie to Business Outcomes. Risk management personnel need to establish a leading key risk indicator (KRI) that has a direct relationship with the desired business outcome. Typically, key indicators tend to be lagging in nature, such as tracking the number of cyberattacks that happened over the past quarter. This is useful information, but it is not effective in influencing business metrics or business outcomes. A leading indicator, in contrast, is one which provides advance notice of a situation before a risk event is experienced so that action can be taken to avoid or mitigate the impact of the event.

4: Present Metrics that Support Decision-Making.
Risk management professionals must also present these metrics in such a way that it supports decision-making by the target audience. In particular, risk metrics and key indicator need to be presented in their business context and in a manner that drives action.

buy rotacaps online orthomich.com/img/blog/jpg/rotacaps.html no prescription pharmacy

When a risk metric or key indicator shows that action must be taken to avoid loss or achieve gain, it becomes valuable to business leaders and decision makers.

Driving value related to business strategy requires both time and commitment on the part of risk management professionals. Once that value is proven, target audiences will begin to rely on and request KPIs and KRIs to support decision-making. They will understand the relationships between risk metrics and business outcomes. With this deeper understanding, risk management will no longer be viewed solely as an operational risk mitigation function. It will also be seen as a strategic function that contributes vital intelligence necessary for the long-term growth of the enterprise.