Risk intelligent organisations are few and far between, similarities

By Julie Nyang’ayaAsk any business leaders selected at random to define ‘enterprise risk management’ (ERM), and chances are each will offer a different interpretation. Despite the ubiquity of the term ERM in the business lexicon, a standard definition remains elusive. And notwithstanding the growing awareness of the need to effectively manage risk, the range of practices falling loosely under the ERM domain is vast and growing.ERM, broadly speaking, has been around for at least a decade. In some business sectors, notably financial services and energy, most industry-specific risks are managed with a high level of finesse, using complex probability modelling and sophisticated analyses. Other companies, such as those in the services and consumer business sectors, may have a less refined approach to risk management, and the need for more systematic practices is now emerging.But it is the rare company, we contend, that intelligently manages the full spectrum of risk; that adequately assesses and addresses risk from all perspectives; that breaks through the organisational barriers that obscure a view of the entirety of risks facing a company; and that systematically anticipates and prepares an integrated response to potentially significant risks. Yes, financial services companies may have a comprehensive grasp of interest rate, currency, and credit risk, but how many of them have suffered significant losses from severe events — such as natural disasters, terrorist attacks, and other threats to business continuity— by failing to develop contingency plans for such occurrences?True, many companies anticipated the transition to e-commerce, but how many endured reputation and customer losses because they failed to adequately protect online customer data?Since it occurs so infrequently, we believe that when ERM is done right it deserves special designation. As such, we call such model companies Risk Intelligent Enterprises. Of course, the path to this lofty designation is long and sometimes arduous. Every company that charts its progress will find itself in a different location on the map, depending on the unique business challenges it faces and the competencies and capabilities it possesses. Numerous similaritiesBut every organisation that attains the status of the Risk Intelligent Enterprise will find that they share similar characteristics, including the following:• Risk management practices that encompass the entire business, creating connections between the so-called "silos" that often arise within large, mature, and/or diverse corporations• Risk management strategies that address the full spectrum of risks, including industry-specific, compliance, competitive, environmental, security, privacy, business continuity, strategic, reporting, and operational• Risk assessment processes that augment the conventional emphasis on probability by placing significant weight on vulnerability• Risk management approaches that do not solely consider single events, but also take into account risk scenarios and the interaction of multiple risks• Risk management practices that are infused into the corporate culture, so that strategy and decision-making evolve out of a risk-informed process, instead of having risk considerations imposed after the fact (if at all) risk management philosophy that focuses not solely on risk avoidance, but also on risk-taking as a means to value creation.Some of these bulleted items may be unfamiliar to you. But all, we contend, are essential characteristics of the Risk Intelligent Enterprise. Risk Intelligent Enterprises come in all sizes and industries, and each organization tailors its risk management practices to its particular circumstances and needs. Yet every Risk Intelligent Enterprise shares this insight:Organisations that are most effective and efficient in managing risks to both existing assets and to future growth will, in the long run, outperform those that are less so. Simply put, companies make money by taking risks and lose money by failing to manage them.—Julie Nyang’aya is a Partner and the Enterprise Risk Services Leader for Deloitte Eastern Africa

Risk intelligent organisations are few and far between, similarities

Get Full Access for Ksh299/Week.

Related Topics

Similar Articles

Latest Stories

The Standard Insider

Digger Classified

GET OUR NEWSLETTER

CONNECT WITH US

FOR THE LATEST JOB ADVERTS

Similar Articles

Why fuel prices have remained unchanged despite attacks on Iran

Fuel prices remain unchanged despite Middle East tensions

Full-in tray for reappointed nuclear agency chair

End of an era as Kirubi family exits Sidian Bank in multi-billion deal

DIGGER JOBS

Digger Motors

Digger Real Estate

Risk intelligent organisations are few and far between, similarities

Get Full Access for Ksh299/Week.

Related Topics

Similar Articles

Latest Stories

The Standard Insider

Digger Classified

GET OUR NEWSLETTER

CONNECT WITH US

FOR THE LATEST JOB ADVERTS