The ERM Current™

In this month’s issue of the Journal of Accountancy, Enterprise Risk Management (“ERM”) is profiled as a management discipline that has much room for improvement in many companies today.  The authors of the article note that few companies have adopted a true ERM approach and a large number of companies have yet to see the value of implementing an ERM program.  However, with the complexity and interconnection of risks increasing, many senior executives and board members are realizing the need for a solid ERM program in their company.  Here is what the authors have to say.

Much of the shift in thinking about risk oversight has centered on ever-growing calls for boards and senior executives to embrace the business paradigm widely known as enterprise risk management (ERM). ERM is championed as an effective approach to identifying, assessing and monitoring risks across organizations and establishing communication protocols to efficiently share this risk information quickly across the entity. The ERM approach emphasizes a top-down, holistic view of the inventory of key risk exposures potentially affecting an enterprise’s ability to achieve its objectives. Proponents argue that a comprehensive ERM process helps to ensure that significant risks are given adequate consideration by senior management and boards of directors in the strategic planning process. Boards and senior executives use this inventory of risks with the goal of preserving and enhancing stakeholder value.

Is your company contemplating an ERM implementation?  If so, Wheelhouse Advisors can help. To learn more, visit www.WheelhouseAdvisors.com.

In the January 2009 issue of CFO magazine, an article examines the risk management challenges faced by many corporations in the wake of the financial crisis.  The article entitled “Rethinking Risk” rightly advises that new approaches are needed to successfully implement effective enterprise risk management programs.  Here is an excerpt from the article.

But some CFOs caution that formal enterprise risk management (ERM) programs won’t succeed if they don’t mesh well with a company’s culture. Impose a new framework from on high and you risk crushing something underneath.  Progress may depend largely on incremental improvements rather than technological leaps or massive consulting engagements. Existing risk-reporting processes must break down silos that impede risk oversight and prevent a broader awareness of risk throughout the organization. 

In most cases, a thoughtful, strategic approach to refining a risk management program is all that is needed. Wheelhouse Advisors provides cost-effective solutions to help corporations refine and streamline their risk management practices.  Visit www.WheelhouseAdvisors.com to learn more.

Yesterday, Rick Steinberg wrote a great article in Compliance Week detailing the many failures of risk management leading to the recent financial market crisis.  For those of you who may not know,  Mr. Steinberg is a leading authority on the topic of risk management and a principal author of the COSO Internal Control Framework that has become the de facto standard for public corporations and their boards of directors.  As such, Mr. Steinberg has a unique perspective of the unfolding events in each of the firms that have contributed to the market collapse.  In particular, Mr. Steinberg points to boards and their responsibility for holding senior management accountable.  He states,

“….the board must understand what management is doing to identify, assess, and manage significant risks facing the company. It must be comfortable that management has a process in place, and that the process is working effectively. The board must be comfortable with management’s appetite for taking on risk, and that senior management is positioned to obtain accurate information about key risks and relays that information to the boardroom.”

While he also notes areas of weakness with other players such as the regulators and credit rating agencies, it is this critical component of risk management and corporate governance that cannot be ignored.  Without a strong enterprise risk management process and frequent communication between board members and management, companies will not be able to navigate the critical risks and new regulatory environment that is now on the horizon.