
RIMS Report: Establishing and Communicating ERM

Recent trends indicate that management is being consulted more than ever by executives and boards who are looking for information that can aid in decision making. This has moved the value of enterprise risk management (ERM) to the forefront, to give the board an overall view of the risks the company faces.

A report just released by RIMS, Risk Communication to the C-Suite and Board of Directors: Visualizing Enterprise Risk Management Information, explores ERM and offers risk managers strategies to use to determine what they report to decision-makers.

According to the report:

“Without robust information about risk, directors cannot offer effective oversight. Therefore, management should carefully evaluate the format and purpose of board risk communication with consideration to risk governance responsibilities, risk appetite, and the intersection between risk and strategy. This process also ensures that the risk information is of value to the management team as well and not simply ‘paperwork.’”

In order to be proactive, boards have expressed the need for specific information, the authors noted, but with “understanding of risks” and “oversight of risk management” cited as the most important areas for board improvement, “risk managers need to be strategic in the way they disseminate information. What you pass along should be presented carefully so that an executive can easily understand and prepare to translate for stakeholders.”

The professional report highlights information from the National Association of Corporate Directors (NACD), the most recent COSO ERM Framework, and the Corporate Executive Board (now Gartner). Backed by that data, the authors discuss where ERM stands today and, by offering various engagement models and maps, provide suggestions and options for determining:

  • Which executives should receive the information.
  • How to craft the message.
  • Delivery methods.
  • Additional sources of key risk management information.

“In developing a system for delivering key risk information to the board, it must be stated that ERM is not a prescribed science,” the authors wrote. “No two organizations will have the same approach or process for determining what defines key risk information or how it should be delivered.”

The report is co-authored by Julie Cain, senior strategic advisor, information and technology risk management at the Educational Testing Service; Christine Novotny, ARM, RIMS-CRMP, manager risk and insurance for PeaceHealth; and David J. Young, lecturer at the Risk Management and Insurance Program, University of Colorado Denver Business School. The group also presented on this topic at RIMS 2018 Annual Conference & Exhibition in San Antonio.

Risk Communication to the C-Suite and Board of Directors: Visualizing Enterprise Risk Management Information is available to RIMS members only for the first 60 days. After the introductory period, it will become available to the broader risk management community. You can download the report via Risk Knowledge.

Enterprise Risk Management’s Wakeup Call: 10 Years After is also available on Risk Knowledge. Complementary to Risk Communication to the C-Suite, it discusses the importance of integrating ERM into companies’ frameworks as they prepare for the possibility of another financial crisis or a new threat. Read more about the report here.

Risk Management Storytime

NEW ORLEANS—One of the biggest challenges for risk managers has always been how to engage the rest of the company in risk management activities. Too often, risk managers are considered the show-stoppers, feared by other departments for their tendency to be risk averse and shoot down every idea. So the challenge is to find a way to increase their risk awareness in such a way that they start to view risk as an opportunity rather than a deterrent. According to Joachim Ademusi, director of IRMS Ltd., the key to embedding risk management into the culture of an organization lies in storytelling—basically finding a way to present risk management in a context that they can relate to and even enjoy.

Speaking at an educational and interactive session at the RIMS 2015 Annual Conference & Exhibition, Ademusi stressed that risk is really a performance improvement tool. So with that in mind, it is important to change any negative perceptions about it. Risk managers should create an environment for creativity that allows all company personnel to take advantage of what risk management can do. This creative engagement requires risk managers to understand the needs and concerns of other departments and find ways to inspire them to consider risk and exchange ideas. This can be accomplished by changing the narrative that risk management is somehow bad. Ademusi recommended creating a contest among all employees to identify the risk management angles in a given scenario, with the winner receiving a gift card or some other monetary award, or simply meeting with various individuals over lunch in an effort to better understand their concerns.

Ultimately, the idea is to make risk management less intimidating. By using stories, proverbs and parallels that don’t necessarily rely on risk terminology, risk managers can gain the trust of their colleagues and foster the understanding that good risk management will improve performance and benefit the entire organization. And once the organization embraces risk management and proactively seeks out their risk manager’s advice, Ademusi said that your career will truly become something special.