The Seven Deadly Sins of Enterprise Risk Management One Needs To Avoid
Enterprise risk management as we all know is one of the biggest buzz words of the credit movement today. But there are organizations who struggle while implementing enterprise risk management software solutions for a variety of reasons beginning from staffing to performance measurements to costs. Many have been down this road being successful and some unsuccessful. However you need not do the same mistakes again like the ones who have done before. Through this blog post we would highlight some of the egregious errors others have made and the traps they have fallen into.
· Being too process oriented: Enterprise risk management is generally viewed as just another check box exercise and a low value administrative initiative.
Solution: Identifying the different ways to distinguish ERM early, in other words offering yourself as an advisor on risk mitigation, building on the existing risk management practices and bringing specific concerns to the risk managers or executives. Implementing the erm software would help the stake holders realize its value and in better identify the different threats as the program matures.
· Reporting too many risks: Business organizations easily fall into the trap of tracking too many risks at an early stage. So remember the E in the ERM and try focussing on the most potent threats.
Solution: Ask the board members and the executives to clarify the number of risks they see on regular basis and educate the risk managers about the appropriate level of analysis.
· Failing to track the number of risk as they occur: Organizations that don’t track the risks when they occur generally lose an opportunity to validate their assumptions and erm purpose.
Solution: Work with the stake holders or the risk managers to develop the process of identifying and reporting the risk events as they occur.
· Striving towards success soon: Trying to establish ERM as a quantitative exercise too early either on the basis of the key risk indicators or the formal risk appetite statement, or trying to create risk culture asking the risk managers to add trust in erm software before they could understand it in a much more potential manner. Having premature attempts done with advanced capabilities would undermine enterprise risk management across the firm.
Solution: Enterprise risk management should build trust through quick wins improving the stake holder’s exposure towards the management and risks. Enterprise risk management should begin with the process of concentrating on the basics including the performance assessments ensuring that the treatments are in place and reporting the risks to the senior stake holders.
· Being miss – communicated with the executive team and the board members: ERM is still continuing to emerge as a discipline where the senior stake holders and the head of the risk managers have limited experience with the practical implementation of the program. Whereas some of the major heads of enterprise risk management complete their risk assessments preparing reports only to understand and know if they have addressed the concerns leading to the organization.
Solution: In order to avoid the challenges or failures to seize an opportunity that would increase the software value, set regular meetings with the risk managers and stake holders. They would then continue to become less as the function matures.
· Assuming that the support of ERM software would trickle down within the organization: Business organizations generally focus on building up support for the entire program from the executive leadership team and the board. Despite the seniors leader buy in organizations continue to find lack of enthusiasm from business unit leadership and line manager’s barrier towards success. This comes off as a big black spot on the list of leadership traits that a leader should have.
· Solution: Begin from the top and then incorporate the business leaders into the entire process of erm. Explain the values and use the leaders as the erm software champions to spread awareness among the employees of a specific organization.
Erm risk management solutions do have the capacity to deliver the exceptional value back to the organization that specifically depends on COSO methodology. The COSO methodology would then seem to be more complex and convoluted in application and would continue making mistakes that we have described here and are called the seven deadly sins.
About The author:
Sophia Wright covers the latest news and updates in Risk Management Strategy. With more than seven years of marketing management experience, she has contributed to a variety of traditional and online publications, She has over six years of experience in journal risk analysis and as a practicing manager of ERM software system, and successfully executing several projects in ORM Software solutions, internal audit risk assessment and Governance risk compliance.