Zach Wolff, Director of ERM and SOX Internal Controls, ConEdison, shares insights with Don Pagach, Director of Research in the ERM Initiative about approaches his organization takes to develop “watch lists” of emerging, hard to identify strategic risks that may be outside the familiar bounds of overseeing ongoing well-known and recognizable operational risks.
Balancing Focus on Known Operational Risks with Developing New Trends
As a public utility focused on providing customers reliable and safe power, helping the business manage key operational risks is a critical component of ConEdisons’ ERM program. A significant amount of the company’s ERM risk profile focuses on risks important to ensuring ongoing public safety, environmental stewardship, and operational excellence. Given the extensive focus on these operational risks over time, risk responses to address those risks are fairly robust with significant management focus on ensuring these core operational risks are managed well on an ongoing basis.
Given the familiarity of core operational risks that have existed over time, management is well informed of the general nature of operational risks and the company is able to develop robust metrics to keep an eye on those kinds of recognizable operational challenges. However, the extensive experience with managing operational risks sometimes makes it challenging for organizational leaders when it comes to identifying and assessing unfamiliar, emerging risks that may be less operational in focus but developing as innovations and other developments emerge in the marketplace.
Developing Watch Lists of Risks
The ERM program at ConEdison works with business leaders across the company to help them focus not only on ongoing active operational risks, but also to be looking out to new developments and trends that can be included in a “watch list” of potential issues that might lead to future business risks at the enterprise level. To help leaders articulate potential emerging issues that management may want to begin paying attention to, the ERM program purposefully does not label these as “risks” but rather refers to them as “operational watch list issues” and “enterprise level watch list issues”.
Over time, the ERM program has worked with subject matter experts to develop analyses that can be shared with management and the board to help expand understanding across the leadership group of emerging trends. They also work with management to help find creative ways to measure some of these less defined kinds of risks. Zach shares how they partner with various groups across the company to keep an eye on these more nebulous kinds of risks. He also shares how the ERM program helps harmonize the different views about these emerging issues held by different groups within the company. That harmonization helps ensure the board and the senior leadership have a well-rounded and enterprise-wide understanding of these potential risk issues, in addition to developing a coordinated response to these emerging challenges.
Interested in this topic?
Check out a separate video interview where Zach Wolff discusses how ConEdison engages management in discussions to identify not only short-term risks, but also long-term risks that may emerge a decade out.
Also, download this thought paper, Enhancing the Future Relevance of ERM, that highlights the importance of focusing management’s explicit attention on emerging risks as part of the way ERM can be viewed as providing more strategic value.
