Business leaders are facing a tremendous volume of suddenly emerging and challenging issues that have the potential to significantly impact the strategic direction and operations of organizations they lead. Keeping pace with the ever-evolving nature of risks on the horizon can be difficult for those serving at the C-Suite and board of director levels.
In this video interview with Mark Beasley, KPMG Professor and Director of the ERM Initiative, Kate Kraycirik, Director of Enterprise Risk Management at The University of Texas MD Anderson Cancer Center, describes how multi-disciplinary Enterprise Resiliency Teams across their organization are helping management triage issues to better understand the details of potential concerns and to apprise senior leadership of the impact of those issues to the organization.
Enterprise Resiliency Teams Conduct Deep-Dive Risk Analysis
In response to a request from MD Anderson’s senior leadership to look in more depth at emerging risks that might be on the horizon in the next six, 12 and 24 months, the ERM team developed scenarios to help them think outside the box about potential risks grouped into different categories of high probability, high impact events. MD Anderson created what they call “Enterprise Resiliency Teams,” which are “teams of teams” looking at potential risk impacts and mitigation plans for various categories of risk themes.
The Enterprise Resiliency Teams are asked to conduct a deep-dive analysis to better understand the details of a potential risk and to also think about the opportunity the risk might present for the organization. The teams also are asked to look at the current mitigation plans to see what might need to be tweaked or added as a part of the risk management plan. The goal is to create an enterprise view of the risk.
Composition of Teams
The Enterprise Resiliency Teams are composed of individuals from across the organization to examine a given risk and to inform management of the risk’s potential impact and what responses might be needed. Most teams include about 15 individuals to offer a multi-disciplinary perspective, but its also small enough to be nimble and fast in doing the work. Initially, teams meet frequently (often weekly) so they can “sprint” to learn about the risk. Over time, the frequency of meetings decreases once the team has sufficient key risk indicators to monitor.
Aggregating Risk Insights
As part of the analysis, each team does a qualitative and quantitative assessment of risks. From there, the ERM team meets with the Enterprise Executive Resiliency Steering Committee, which includes members of the executive team, to share that information across the teams. Separately, the leaders from each of the Enterprise Resiliency Teams meet to share information from each team to ensure everyone understands how the risks may interrelate.
- Types:
