Enterprise Risk Management
One way to implement enterprise risk management in your business could be to interview the executives that make up your company’s executive team and few members of the board of directors and ask them: “What do you believe are the major risks that would prevent our company from reaching its strategic goals and objectives?” Then, you rank the top five risks based on their likelihood and impact. Now that you know what risks to mitigate, you identify the risk owners (those that have oversight of the activities driving the risk), put together an influence diagram (to find out the root causes of the risks) and then decide how to mitigate the risks. Finally you create a plan to review the mitigation activities in 60 days and determine their effectiveness.
One problem with the approach above to implement enterprise risk management lies on the risk identification method which assumes (probably wrong) that each member in the executive team is a trained and experienced risk management professional that can not only identify and assess risk but also will be able to link company’s exposures to its goals and objectives. This approach has already been proved to be ineffective and even fatal. Enterprise risk management was already in place during the financial crisis of 2007-2008.
Another critical problem with the approach above to implement enterprise risk management is to forget that risk management is an on-going activity that requires constant monitoring and real-time tools that can alert the risk manager each time an event creates a new risk exposure.
INSIGHT has developed a better way to implement enterprise risk management named Insight ERM©, a business method with an ERM approach, to help companies meet their goals and objectives by acquiring information about the exposures associated to the company’s resources, activities, and products; and then, by performing a series of risk management activities to reduce those exposures. We just follow the money flowing through the business. Would we have done something different if we had known that before the financial crisis of 2007-2008 our retirement money was going to risky real estate investments?
Companies could use ChancesR®, our web-based risk management information system, and follow the process; and next time, the person in your organization responsible for managing risk (Risk manager, CRO, CFO, or other member of senior management), while attending a conference oversee, could be receiving in the next 5 minutes the following email alerts:
Email Alert 1 – An automatically generated email alerting her that natural gas prices just dropped by 20% for May-2014 and if she locks 70% of the budgeted volumes, the company could be saving $90,000. Right away and from her smart phone (or IPAD), she could use the link in the email and lock the gas needed directly from the gas supplier, and complete the entire transaction in fewer than 15 minutes. (Utility Risk Manager©)
Email Alert 2 – An automatically generated email letting her know that HR was considering to terminate Mr. John Herndon, who is NOT a white male under 40 years old. (Insight ERM©)
Email Alert 3 – An email from HR asking her to confirm that is OK to terminate Mr. John Gonzales, who until last January, was a key witness in an ongoing litigation. (Insight Claims©)
Email Alert 4 – An automatically generated email informing her that due to product demand, the Atlanta Biomass plant (a company’s production facility) has reduced their production forecast for the next six months by 50%, which probably will require the sale of some forward contracts. (Real-time Budgeting©)
Email Alert 5 – An automatically generated email informing her that BEST PAINTING, has signed the company’s service agreement to start painting the Georgia facility’s 100′ water tower. Right away and from her smart phone (or IPAD), she could use the link in the email and verify that BEST PAINTING is complying with company’s Contractor Work Rules and Vendor’s insurance requirements for this kind of job.(Contractual RM©)
Email Alert 6 – An automatically generated email letting her know that the Emergency Response Plan (ERP) for the storage facility in the Port of Tampa (FL), has just been activated as a result of a fire, with instructions about what to do as member of the Emergency Response Team (ERM) and a “pdf” copy of the Business Continuity Plan (BCP) attached to the email.( Insight BCP©)
Email Alert 7 -An automatically generated email reminding her of her next deposition on a large claim against the company. (Insight Claims©)
Email Alert 8 – An automatically generated email from INSIGHT bringing the news that your main competitor just purchased one of your main suppliers of raw material.(Insight News©)
Email Alert 9 – An automatically generated email to let you know that Arthur J. Gallagher has completed the broker’s questionnaire in your RFP, and is ready for your review.(Insurance RFP©)
ChancesR® is the first activity-based risk management information system designed to help companies manage their risk of not meeting their goals and objectives by mitigating their exposures associated to company’s resources, activities and products.ChancesR® uses a rational and systematic way to identify risk following company’s money flowing down from resources, to activities, and finally to products; and then determining the exposures associated with them. ChancesR® allows companies to centralize all their risk identification, analysis and mitigation activities in one highly secure location that can be accessed from anywhere at any time by any authorized user using a desktop, laptop, IPAD, smart phone or any other mobile device with internet access.
ChancesR® brings the risk manager to the C-suite. By just following the money, now she can identify those exposures (or activities) that may affect company’s financial position (Balance Sheet Exposures) as well as those affecting company’s profitability (Income Statement Exposures).
ChancesR® has a series of web-based tools that the risk manager (or any person responsible for managing risk in the organization) can use to receive automatic (or man-made) email alerts of new events that can trigger the Insight ERM© process. The diagram below shows some examples of those events.
ChancesR® web-based risk management information system (RMIS)
Below is the list of risk management web-based applications included with ChancesR®: