Tag Archives: RIMS Risk Management Maturity Model

Immediate Vault Immediate Access

RIMS ERM Conference 2021: Introducing the New RIMS Maturity Model

Posted on by

This morning at the two-day RIMS ERM Conference 2021, attendees got a “sneak preview” of the new RIMS Risk Maturity Model, presented by Carol Fox, former RIMS vice president of strategic initiatives, and Tom Easthope of Microsoft’s enterprise risk management team. RIMS decided to “reboot” the Risk Maturity Model, Fox said, since the original model was launched in 2006, and the field of risk management had changed quite a bit in the years since, as had the world in general.

Easthope outlined how the new Risk Maturity Model was “designed by practitioners, for practitioners” with input from peers, pundits, academics and critics, to show what success looks like in mature organizations. To achieve this, the new model focuses on how advanced an organization’s risk management capabilities are, not necessarily whether the organization had performed specific actions, as the previous model stressed.

Fox told the audience, which attended in person and tuned in online, that the new Risk Maturity Model was built to “grow as the profession grows,” and outlined its five pillars:

  1. Strategy Alignment: Risk related to strategy can lead to riches or ruin.
  2. Culture and Accountability: Culture and accountability drive action.
  3. Risk Management Capabilities: Risk management capabilities encompass more than proficiencies in a single process.
  4. Risk Governance: Integrated governance leads to performance improvements.
  5. Analytics: Analytics are the engines to inform decision making and influence action.

The model is also customizable for each individual organization’s goals and context. When answering the model’s questions, risk managers will have the opportunity to specify their organization’s target on each metric. Success is then measured along five tiers, with Tier 1 being “No formal capacity in place” and Tier 5 indicating that “Capability exists in a continuous improving cycle, informed by internal/external inputs.” The model will not only give a score, but also provide risk managers next steps to help them advance their programs to the next level.

A presentation slide titled "Differentiating the Five Tiers," outlining the five tiers of the model's potential results.

As more people enter data and use the model, risk managers will be able to compare their own performance against that of other organizations and industries—though the presenters stressed that the data provided will be anonymized to both users and the researchers behind the scenes. Companies will also be able to access reports on different respondents across departments to see how answers differed within the organization.

The presenters extended an invitation to participate in the next phase of testing and to give feedback. The goal, they said, is for the model to reflect the reality of risk management today and to “evolve with the world that we live in.” Beta testing is slated to begin in December and to get involved, interested risk managers can contact the organization through the RIMS app, get in touch with Fox and Easthope via LinkedIn, or email RIMS vice president of strategic initiatives Soraya Wright.

This session and many others from the conference can be viewed on-demand online after the event.

Strong ERM Gives Companies Higher Market Value

Posted on by

A new study, “The Valuation Implications of Enterprise Risk Management Maturity,” released by the Journal of Risk and Insurance, has found that organizations exhibiting mature risk management practices realize a value growth potential of up to 25%.

The survey is the first wholly independent research project that confirms the value connection of mature enterprise risk management practices in organizations.

Using data from the RIMS Risk Maturity Model (RMM) gathered from 2006 to 2011, Mark Farrell, the paper’s author and the actuarial science and risk management program director at Queens University Management School of Belfast (QUMS) and Dr. Ronan Gallagher of the University of Edinburgh Business School, provided evidence through this research that firms that have reached mature levels of enterprise risk management qualities exhibit a higher firm value.

online pharmacy trazodone with best prices today in the USA

 The broad data set encompassed publicly-traded organizations from a variety of industries. Nearly half the data tabulated by the researchers were submitted by RIMS members.

online pharmacy addyi with best prices today in the USA

The study’s authors reported that “firms that have successfully integrated the ERM process into both their strategic activities and everyday practices display superior ability in uncovering risk dependencies and relationships across the entire enterprise and as a consequence enhanced value when undertaking the ERM maturity journey.”

The authors added, “Upon decomposition of the maturity score, we find that the most important aspects of ERM from a valuation perspective relate to the level of top-down executive engagement and the resultant cascade of ERM culture throughout the firm.”

The RIMS Risk Maturity Model for Enterprise Risk Management (RIMS RMM), was developed in 2005 by risk professionals and LogicManager, and is a free assessment tool for risk professionals and executives to develop and improve sustainable enterprise risk management programs. This online resource allows organizations to score their risk programs and receive an immediate downloadable report.

online pharmacy flagyl with best prices today in the USA

The report provides information not only on current maturity levels, but offers ideas on what it may take to achieve a higher level of maturity in each of seven attributes.

“One of the biggest challenges in implementing an enterprise risk management program is articulating the value that it brings,” said Carol Fox, RIMS director of strategic and enterprise practice. “This research makes that value link quite clear. Although the study necessarily focused on publicly traded companies, the value proposition of enterprise risk management applies to not-for-profits and the public sector as well. In highlighting this research, we hope that more organizations will take advantage of the RIMS Risk Maturity Model to improve their risk practices and, in turn, create additional enterprise value.”

Steven Minsky, CEO of LogicManager and developer of the RIMS Risk Maturity Mode noted, “Boards and ERM committees now have an actionable internal road map and a corresponding return on investment measure to improve their enterprise risk management maturity from whatever level they are at today.”