Skip to main content
Poole College of Management
Enterprise Risk Management Initiative
ERM Leadership and Governance

An ERM Leader’s Strategy For Success

November 1, 2014 5-min. read

Implementing a risk program is more difficult than ever, as risks have become more complex and numerous across business units and throughout multiple locations. Risk leaders may encounter hostility from business unit managers and domestic and overseas subsidiaries that fear that the process will result in a loss of control and added bureaucracy.   As a result, corporate risk managers are shying away from a “strong arm” approach in implementing enterprise risk management programs. Instead, risk leaders are taking a softer approach and emphasizing the long-term rewards. 

ERM Diplomacy, authored by Lawrence Richter Quinn (see link to full article below), discusses the characteristics of an ideal leader and how his or her skills can further propel the ERM initiatives at a company. With these skills, a leader can then effectively deal with doubt and hesitation from an organization, while also maintaining an enterprise-wide strategy of managing risk.

Make The Connections

All too often ERM efforts ignore the human dimension and fail to gain commitment from the people in the organization. The head of ERM may be seen as a devil’s advocate- questioning every process and procedure. While the ERM leader may see it as merely learning about the organization’s functional areas, business leaders may see it as questioning their capabilities and judgment.

For this reason, earning confidence and respect should be the ERM leader’s first and foremost priority. One way to gain respect is to take the time and effort to understand the different functional areas and the company as a whole. Conversations with business units can allow a leader to understand how a company makes money, how it perceives risk, and what is currently being done to manage risk. When the needs of a company are fully understood, the ERM leader can effectively design a program that is most attractive to the company.

Another way to be a successful risk manager is to develop relationships with executives. Often, executives see an ERM program as something forced upon them. It takes time to show them that the program will only benefit their firm long-term. To demonstrate flexibility, a leader should understand their concerns about the company and what they would like to see occur in order to resolve issues. The key is to be empathic and listen well to show executives that the corporate risk leader is there to support them in reaching the organization’s goals. A head of ERM who demonstrates soft, understanding characteristics will contribute to sound and strong governance, risk and compliance cultures.

Be The Ultimate Leader

An ideal executive undertakes more than just managing the company’s ERM efforts; the executive also should demonstrate the following skills:

  • Architect: The leader should be able to create, design, and implement a program with the practices that best meet the risk management needs for that company. A cookie cutter program will is typically not effective; it is vital to tailor the program to be consistent with organizational goals and objectives.
  • Facilitator: It is vital to keep constant communication around the topic of risk. An ERM leader can help by being a facilitator to create conversation in the proper environment. 
  • Coach: Employees need encouragement to manage risk both within individual departments and across the business as a whole. It is important to support and promote all of the line executives’ efforts in managing risk. 
  • Communicator:ERM is a difficult topic to discuss in the early implementation stages. To effectively and authentically assist employees, a leader should present a bigger picture of how ERM will benefit the company using terms that can be widely understood. 

Win Over the Doubters

A risk manager can embody all of these ideal standards and still experience resistance to an ERM program. Initial hesitations involve the cost of such a program. When the leader can prove that an implemented ERM program is more of an investment than a cost center, it is easier to see the value of the leader’s efforts. The leader should prove that the investment would reduce both short-term and long-term costs. Start small; rather than taking an aggressive approach to enterprise risk management implementation, use a single silo approach. Demonstrate ways risk management can be executed in one area of the business before implementing enterprise-wide. When a business unit manager can see immediate results, he or she will be more willing to support an ERM partnership and convince the other executives to be supportive as well.

Some executives argue that they are already adequately managing risk within their business units. While this may be true, the individual often forgets the implications of the interrelated risks impacting other business units. Convincing business leaders to see the unmanaged risk is a feat, and often takes a disaster to stimulate agreement for an ERM approach. The key to helping executives see the cross-silo impact of risk is continuous communication. Discuss actual results and implications of an implemented process, rather than theoretical outcomes. The risk dialogue should facilitate real insight about risk/reward relationships and, in turn, help provide a foundation for effective risk management.

Think Big

Of course, a risk manager would ideally have every employee invested in the risk management process. However, more often than not, this is not the case. It is a process that takes time and should begin with convincing individual business executives to use an ERM approach within their organization.  Once the process shows results in one area that can be used as success story to gain buy-in elsewhere in the organization.

One example given was a company whose Chief Accounting Officer worked with ERM to use risk assessment results to supplement and ultimately replace some of their audit work. In this way, executives become process owners as they take on more responsibility for managing their risks.  Often it takes proven results, such as a reduction in cost and time, for an executive to see the reward of a risk management process. It is critical to maintain their focus on the ERM objectives through consistent communication about the company’s efforts. This communication reinforces the personal, human element connections needed between risk managers and C-suite executives to facilitate successful implementation of ERM.

Original Article Source:ERM Diplomacy,” Lawrence Richter Quinn, Risk Managemnt, November 1, 2014

More From Enterprise Risk Management Initiative

2024 The State of Risk Oversight Report featured image

2024 The State of Risk Oversight: An Overview of Enterprise Risk Management Practices - 15th Edition
Assessing How Org Culture Impacts Risk Mgt

ERM Tool: Assessing How Organizational Culture Impacts Risk Management
SEC Building

Whited, Burd Examine SEC Climate Disclosure Amendment