From The ERM Library
The Board of Directors (“the Board”) plays an integral role to the risk management function of a corporation. Risk has been at the forefront of debated topics over the years, more so in the recent years due to the financial crisis that drew the ire of the public, legislators, and the media over compensation of executives. When considered with the ongoing global economic instability and increasing regulatory requirements, the development of rigorous risk management procedures will continue to change. In a recent article from the Bank and Corporate Governance Law Reporter, authors provide an overview of past issues and updates to emerging issues regarding the Board’s risk oversight function from regulatory requirements to suggested best practices.
September 9, 2013
Governance Risk and Compliance (GRC) solutions are designed to assist organizations in overseeing and automating their processes by reducing redundant activities, producing more reliable data, and increasing the automation of processes. GRC solutions an appealing product for today’s large businesses, which are seeking to develop a “holistic view of risk and compliance.” Overall, studies show that GRC solutions can help organizations achieve considerable cost savings. While loaded with a number of benefits, organizations can also face a number of challenges when they embark on a GRC implementation project, that if not effectively managed, can create tremendous risks to the organization. A recent Protiviti thought paper provides insights about issues to consider and suggestions for mitigating risks associated with GRC solutions.
Our Top Articles
May 5, 2009
While the concept of a risk appetite framework is sound and can provide many benefits to organizations, many of these frameworks failed during the current crisis due to design and application problems. Organizations can learn from several key failings in risk appetite frameworks that were highlighted by the crisis. Though this article looks at risk appetite from the perspective of banks, the suggestions are applicable to many types of organizations seeking to improve their risk appetite framework.
February 2, 2013
There is a growing need for organizations to understand how their strategies are shaping their corporate sustainability responsibilities. New business practices may be needed to enhance and promote environmental, social, and governance (ESG) initiatives. Certain strategic risks may arise if these efforts are not executed in an effective manner. A recent report issued by The Conference Board explains the need to enable sustainability reporting as an essential imperative for engaging investors, customers, and employees in eventually lowering certain risks. Furthermore, it outlines risk management strategies on how best to communicate, engage and integrate the matter of sustainability reporting.
March 3, 2013
In this recently published report, business consulting firm Protiviti reveals the results of its annual “Internal Audit Capabilities and Needs Survey.” The survey was administered in late 2012 to over 1,000 internal audit professionals from organizations of all sizes, and across a broad range of industries. The questions in the survey are designed to draw out internal auditors’ perspectives on the current and emerging skill requirements facing the internal audit function; each survey respondent is also asked to grade how well their organization’s internal audit group is handling these looming challenges. Protiviti’s report highlights the growing need for internal audit professionals to expand their knowledge base and skill sets in order to address a new wave of enterprise risks.
November 11, 2006
A survey administered to financial professionals of large public companies that explores their views on the key risks facing their companies and how they are managed. The consensus is that the nature of risk is changing due to new business models. Enterprise Risk Management (ERM) has emerged as a possible solution to many of the risks indicated.
May 5, 2011
With the scarcity of useful guidance to help organizations determine risk appetite and risk tolerance, the Institute of Risk Management (IRM) is seeking to clarify and produce guidance to more effectively communicate an understanding of risk appetite. As a result, IRM released a consultation paper with detailed approaches for developing and using risk appetite and risk tolerance in risk management. In addition to the guidance provided, questions are listed throughout the document with the suggestion that they be asked in the boardroom to ensure that risk appetite and risk tolerance are being adequately addressed.
December 12, 2010
Organizations are seeing the value of adopting a risk-based approach to execute strategies in order to survive in a post-recession world. This approach enables managers to focus on opportunities in strategic plans, as well as minimizing the potential impact of threats. A recent article in the Journal of Business Strategy outlines four steps to execute a strategy using a risk-based approach.
August 8, 2009
In response to the current economic crisis, company boards and audit committees are looking for ways to improve their approach to risk oversight. Risk management perspectives are becoming more focused on external versus internal factors and are being broadened to a long-term approach. The board of directors and audit committee should give more attention to the entity’s risk appetite to ensure that the risks being taken are in alignment with the entity’s strategic objectives. The approach to risk management should be broadened, dynamic, and long-term. This whitepaper discusses how to evaluate the quality of a risk management system and how to ensure that a risk oversight strategy is appropriate.
February 2, 2011
After the recent global financial crisis, many economies and financial markets around the world appear to be strengthening. However, serious concerns still exist as organizations are not returning to the same environment, but rather one that is constantly changing. That reality is causing many organizations to change their risk management approach. Deloitte recently conducted a survey of financial institutions in an effort to understand the state of risk management in this new environment. Though the survey analyzes the financial industry, this white paper is applicable to many different types of organizations.
January 1, 2010
Risk management has quickly become the most targeted area of improvement since the financial crisis for businesses to help prevent another crisis or lessen the impact if another one were to occur. With this intensified focus comes confusion about how ERM applies to corporate governance and internal controls. This article by Bonnie Hancock briefly explores these relationships and how they should be understood within an organization.
June 6, 2010
The devastating effects of the global credit crisis can be linked to the failure of organizations to embed risk management within the foundation of strategic and operational processes. Now, increased pressures from all around call for an integrated and aligned approach to risk management. This white-paper explores how organizations can effectively align performance and risk management processes to not only reduce risk but also embrace opportunities.
December 12, 2008
Boards of directors are charged with corporate governance tasks that include setting executive compensation and developing the corporation’s strategic agenda in light of its risk tolerance. Using short-term performance metrics, like stock price or earnings per share, to determine executive compensation may encourage executives to make decisions that are not aligned with the corporation’s strategic plan or overall risk appetite.
May 5, 2012
The turmoil surrounding recent announcements of over $2 billion in trading losses at JPMorgan Chase is now shining a spotlight on risk management failures at the bank. A front-page story in The New York Times (May 15, 2012) reveals that in the years leading up to the bank’s trading loss, risk managers and some senior investment bankers raised concerns that the bank was making increasingly large investments in complex trades, but their concerns were ignored and dismissed. Some allege that the senior executives failed to respond to concerns from internal risk officers, who were largely side-lined. This unfolding story is highlighting the critical importance of the tone at the top regarding maintaining and enforcing an appropriate risk management culture and continues to support the call for direct lines of reporting from chief risk officers to independent members of the board of directors.
October 10, 2011
PwC’s 2011 Annual Corporate Director Survey report summarizes the responses of 834 corporate directors concerning stakeholder concerns. Critical areas highlighted in the findings were executive compensation, succession planning, and risk management. Given that expectations of governance oversight have reached unprecedented levels, boards are working to adapt their risk oversight role to the shifting risk landscape. See what directors say about their risk oversight maturity.
From SME Mark Beasley , Ph.D
From SME Bonnie Hancock
From SME Bruce Branson
January 23, 2014
January 15, 2014
January 21, 2014
KPMG: Audit Committees Say It’s Getting Harder to Oversee Risks
ERM Professional Training
ERM Roundtable Summit
Send me the agenda on the next Roundtable
Custom Executive Training
Enterprise Risk Management Library:
- Enterprise Risk Management Basics
- Risk Management Fundamentals
- Risk Management Leadership
- Risk Management Benchmarking
- Risk Management Trends