Home > Risk > Integrate risk management with the rhythm of the business

Integrate risk management with the rhythm of the business

February 8, 2012 Leave a comment Go to comments

One of my good friends is Jim DeLoach of Protiviti. While he and I may disagree on some things (Protiviti continues – from what I can see – to favor COSO ERM over ISO 31000:2009), we agree on far far more.

This week, a short piece by Jim was published in Corporate Compliance Insights. Integrate the ERM process with what matters gets it 100% right (IMHO). Some excerpts:

  • “The relevance of the risk management process increases if it is integrated with core management processes that truly matter. The idea is to integrate risk management with the rhythm of the business so that it can make value-added contributions to establishing sustainable competitive advantage and improving business performance.”

What I like about this is the emphasis on using risk management to improve performance, not just protect value.

  • “The scope of integration could include one or more of such core management processes and activities as strategy setting, annual business planning, performance management, budgeting, capital expenditure funding, and M&A targeting, due diligence and integration.”

To get the most value, I believe that risk has to be considered and ‘managed’ as part of the daily process of managing and directing the business.

  • “Effective “corporate governance” provides a flexible corporate structure that manages the balance between the entity’s value creation objectives and performance goals on the one hand with the policies, processes and controls it puts in place to preserve enterprise value on the other.”
  • “Unfortunately, many organizations do not integrate risk management with strategy development. It is critical to define the soft spots, loss drivers and incongruities that are inherent in the enterprise’s strategic objectives and that could dramatically affect performance and adversely impact execution.”
  • “Integrate Risk Management with Performance Management……. KPIs are measures of performance developed to monitor progress toward the achievement of the strategy and the ultimate creation of stakeholder value. KRIs provide lead and lag indicators of critical risk scenarios, resulting in a more balanced mix of forward-looking indicators to complement the usual metrics around customer and employee satisfaction, quality, innovation, time and financial performance.”

Do you integrate risk management with what matters?

  1. March 14, 2012 at 1:37 PM

    I’ve been looking at risk management myself of late, with a view to disaster recovery. Coming up with some of the scenarios was quite simply terrifying.

  1. February 14, 2012 at 3:46 AM
  2. February 14, 2012 at 5:43 AM
  3. February 14, 2012 at 3:41 PM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: