Skip to main content
Poole College of Management
Enterprise Risk Management Initiative

Briefs and Insights

Mar 1, 2013

Strategies to Manage Risks of Sudden Competitor Disruptions

The introduction of new business models such as cloud computing, apps for model devices, instant information sharing, and free trial of service offerings have suddenly disrupted business models for a number of organizations. The way in which disruptions to an organization’s core business now emerges is often different from how new competitors have emerged in the past, which thereby calls for new ways to manage the risk of disruptive innovations. A recent Harvard Business Review article addresses these issues by focusing on what has changed in this context and how risk managers can better plan for the unknown. The cliché “time is of the essence” could never be more true for planning ahead to mitigate the impact of major market disruptions in what the authors call “big bang” disruptions. They offer strategies and identification techniques to help managers pursue planning for a disruptive environment.

Mar 1, 2013

Demystifying Risk Appetite

The enterprise risk management (ERM) community is certainly aware of the idea of “risk appetite;” however, despite the attention that risk appetite receives from ERM practitioners, it remains an elusive concept to apply at the enterprise level. In this article from the Spring 2012 issue of Corporate Risk Canada, author Rob Quail, long-time Director of ERM at Canadian utility Hydro One Inc., attempts to explain and cut through the confusion surrounding risk appetite. Quail also walks through a fresh methodology for defining and measuring risk appetite that can help organizations to make better, more consistent business decisions.

Feb 13, 2013

Strengthening the Role of the Chief Risk Officer in an Organization

The role of chief risk officer (CRO) has been put under a microscope to understand methods and key success factors that can enhance the role. Organizations now, more than ever before, are appointing CROs to improve their risk function and better manage potential risks that could impede their strategy. To achieve that, the CRO must be placed in a position that is fundamental as well as instrumental in the decision-making and strategy-setting process. This Protiviti white paper provides six key critical success factors that organizations should be aware of and promote to ensure that their organization is in a better risk management position than in the past.

Dec 21, 2012

Making the Connection Between Strategy-setting and Risk

Organizations invest a great deal of effort in developing and executing their business strategies. Even so, winning business models are all-too-often subject to catastrophic failures in the blink of an eye. Didn't these companies see trouble coming? The answer: probably not, but only because executive managers did not think hard enough about risk during the strategy-setting process. This white paper from Protiviti Inc. explores the concept of strategic risk and provides an approach for incorporating risk assessment into the process of strategy-setting. By combining these processes, managers will be better equipped to make decisions for their organizations now and in the unknown future.

Dec 1, 2012

Managing the Risk of Disruptive Innovation

Organizations often find themselves surprised by a competitor's announcement of a new innovation. Such announcements can be hugely disruptive, and they hit the competitive environment in many forms, such as a new revolutionary business model, a completely new technology, or a new spin on an existing product or service. A December 2012 article in Harvard Business Review discusses the threat of disruptive innovation. A new product offering or a novel business model from a competitor is enough to upend any existing business and change the face of a particular market indefinitely. However, organizations can manage the risk of disruptive innovations by being proactive in regards to evaluating their own business models and those of competitors. In this HBR article, Wessel and Christensen present their approach for assessing and strategically managing the risk of disruption.

Oct 1, 2012

Applying “Big Data” to Risk Management

“Big data” is quickly building a following as a useful tool for helping managers make decisions. But what exactly is big data, and is its use actually beneficial to a business? This article from Harvard Business Review answers these two questions and more. The authors explain why digital data is perhaps more useful than ever before, and also provide real-life examples of companies using big data to make better decisions. The article also discusses five ingredients that are critical to using big data successfully in any company. Ultimately, big data could provide managers with insights into the risks facing their organizations.

Oct 1, 2012

Managing Risks of the Mobile Enterprise

Mobile devices are becoming more and more integral in the workplace today, as they are used for field work, file-sharing, and business processes. With the widespread use of mobiles, and the delicate intertwined relationship of such devices with both personal and professional lives, substantial number of risks arise that need to be managed properly in order to reap the benefits of these devices. To help organizations think about risks associated with the use of mobile devices, the Security for Business Innovation Council (SBIC) has issued an in-depth analysis of consumer mobile devices in the enterprise along with various risks that arise with the evolving technology. Furthermore, the report also provides various recommendations to manage such risks effectively over time. The following provides a summary of the report.

Aug 1, 2012

How Risk Aversion Can Hurt Your Organization

While we know we must take risks to generate returns, some programs fail to remind managers that ERM is as much about taking risks in pursuit of value as it is about risk avoidance or mitigation. Sometimes too much attention is focused on risk avoidance, which may cause some organizations to squander reasonable opportunities to grow and achieve enterprise objectives. A McKinsey & Company article explains how an overabundance of risk-averse management behavior can actually inhibit a firm from progressing at its full potential. The article outlines behavioral biases that create this risk-avoidance phenomenon among managers and offers guidelines that can help companies mitigate these behavioral biases, thus improving risk management and business performance.

Jun 1, 2012

Risk Appetite: A Conversation of Governance

Managers often view risk appetite as a highly theoretical concept: one that is determined instead of discussed, irrelevant instead of practical, or static instead of adaptive. This paradigm is due to the notion that risk appetite reflects a short term risk philosophy of the company, and the frequency of which risk appetite is viewed as being congruent with risk tolerance. The authors of this Protiviti white paper discuss the importance of developing and maintaining a risk appetite statement as well as using it to spur conversation between management and the board of directors in the governance process.

Jun 1, 2012

Categorizing Risks for More Effective Risk Management

Organizations often employ a rules-based model to manage risk; however history suggests that such an approach may not be an effective way to manage all types of risk. This Harvard Business Review article provides a framework for thinking about risk management that is centered on breaking an organization’s risks into three categories. The authors demonstrate, through real-world examples, how each category of risk is best managed through certain types of risk management mechanisms. Each of these mechanisms plays a role in strengthening the organization’s overall risk management function.