Daily News Online
   

Wednesday, 18 April 2012

Home
 | SHARE MARKET  | EXCHANGE RATE  | TRADING  | OTHER PUBLICATIONS   | ARCHIVES | 

dailynews
 ONLINE

OTHER PUBLICATIONS

OTHER LINKS

Marriage Proposals
Classified
Government Gazette

ERM process growing since past three years

H.L Sunil, C.Eng. MIE (SL). PG.Dip.DBFA(SL). MBA (USQ-AUS) Deputy General Manager; Project Portfolio Management, Sri Lanka Telecom PLC

In the context of global economic uncertainty the challenges and opportunities faced by companies around the world continued to evolved. And also evolution of Information, Communication and Technology and convergence of Technology, Media, Telecommunications and use of Internet; leads business boundaries disappearing with globalization. Hence business enterprises been exposed to many risks and uncertainties.

In public domain there was news on instant collapse of business giants worldwide. Later it has been found that the cause were failure to foreseen risks that they would have to face in future. Realizing the facts many companies globally; have taken initiatives to establish enterprise-wide formal risk management processes which lead to build up Enterprise Risk Management (ERM). ERM means to manage the positive risks (rewarded risk) to grow the business, create value and realize the same and manage negative risk (unrewarded risk) to protect existing assets.

In this regard C-Suits initiate initiated programs to create of risk intelligence culture across their companies as the priority in highly volatile business environment.

The creation of risk intelligence business culture enables managers to take rewarded risks by investing reasonable resources and reasonably manage unrewarded risks within their risk appetite using minimum resources. Through the recent survey by Harvard Business Review Analytic Service has found that ERM process are growing since past three years and found that still the companies have long way to go. However financial sector institutions have their established, well matured risk management process.

ERM Concept

ERM is an emerging concept which is being enriched through the contributions made by non-profitable private and commercial organizations in the form of developing models for ERM frameworks, conducting research and surveys, publications on ERM knowledge areas and developing management tools and systems. To name a few such organizations are ISO31000:2009, COSO, AS/NZ4360:2004, Casual Actuarial Society, etc.... Out of those, the framework developed by COSO is taken as a referenced framework by most of companies to initiate ERM.

ERM requirement

In the public domain, there were many cases reported concerning sudden occurances that have caused losses to individuals, public/private and government institutions, property, business. To mention few of such recent events: in the local context are service sector failures, Change Management failure, procurement issues, natural disasters, bankruptcy of financial institutions, deseases and epidemics; in international contexts there are much more which have had global impacts. On analyzing the issues later it has been found that accountability lies within C-Suits, where attention was not given to effectively prepare an organization see future risks and uncertainties.

Local Context

In local context the vision of Sri Lanka to become “Wonder of Asia” there are several initiatives by government institutions and private/public enterprises in the form of programmes and projects investing huge capital management, risk management and Stage-Gate investment governance process. So it is very important to establish risk management process and creating risk intelligence culture in most public, private business enterprises and government institutions to reap best out of the investments. Creation of risk management culture is the foundation for ERM.

Challenge

Establishing investment governance best practices processes it requires change of business culture within an organization is not a very easy task. Addressing the task conducting training on best practices concept, workshops and establishing Framework, risk management processes and, systems and tools are some steps that need to be initiated.

New Capability

The fig.1 shows the drivers that will be effective in ERM process and how those corner elements are being driven. All these effort would be success; only if the process be lead and owned by top management of the enterprises. Further, to define an ERM framework, it involves defining risk appetite, defining and monitoring Key Risk Indicators (KRI), People, Process and Systems which are the main tasks to establish risk intelligence. C-Suits should have well understanding of, and well aware of how ERM concept works.

They should arrange appropriate trainings for subordinates. It is also important for them leads action to establish risk management processes within each functional unit under the leadership of C-Suits and senior managers.

Initiate ERM

Establishing an ERM concept is a new change drive in an organization. Initiating ERM process; it has been recommended to use existing resources, processes, forums, committees and start with incremental step-by-step approach since it has an impact across the organization. Defining ERM Framework for a company is important.

Develop and deploy Strategies Risk Infrastructure and Management Risk Risk Owners Sustain and continuously improve Risk Governance Board of Directors CEO Oversight ERM infrastructure Risk Process Tone at the top People Process Technology Identity risks Asses and evaluate risks Integrate risks Responds to risks Design implement and test controls Monitor assure, and escalate SGB ERM Implementation team Functional Managers ERM workshop

Matured ERM process will provide information on business critical emerging dynamic risks. Having information on risks, the board of directors and C-Suits will have better insight into the company's performance. Hence management would be able to initiate appropriate response plans and strategies for implementation to achieve organizational objectives.

Risk Appetite

The risk appetite is unique for an organization. In simply meaning of risk appetite is the amount of risk one can take in achieving set target at individual level. However, when considering an organization, it is high level statements on risk appetite which is defined for each category of risks and in quantifiable means.

Defining of risk appetite statements is initiated by C-Suits managers and the CEO who will obtain approval from the board of directors.

The approved statements will be cascaded down to functional units, risk owners and communicated to them with risk tolerance which is the deviation that could be taken by an individual from the defined risk appetite to achieve a task.

Key Risk Indicators

Key Risk Indicators (KRI) provides early signals to an organization on the increase of risk exposures in various business units of the enterprise that prevents the achievement of organizational objectives.

These indicators provide early warning on risks that an organization will have to face. Risk owners should identify risk indicators; interpret KRI and signals on intensity (probability and impact) and closeness of the risks (risks may be emerging).

The managers then will have to change strategies to maintain outcomes, in order to achieve desired objectives.

Conclude

Identifying and managing risks is the key to the survival of any business entity.

Therefore to reduce losses, create value and realize the same to the satisfaction of stakeholders, any organization should be prepared to manage risks and uncertainties. In order to manage risks, initiatives for implementation of ERM should be the priority. To initiate ERM is very challenging and it may require compliancy to legal requirements.

In this regard it is appropriate government and the relevant authorities to initiate actions to impose required legislations indicating requirement of implementing ERM process in the public and private institutions.

This will enable better services to the public and protect public investments in corporate. It will also help to reduce unexpected surprises and business calamities at every level.

Reference:

1. ISO 31000
2. Enterprise Risk Management Integrated Framework by www.coso.org
3. Risk Intelligent enterprise management by M/s Deloitte www.deloitte.com
4. Report on the Accenture 2011 Global Risk Management Study by Steve Culp
5. Risk Management in a Time of Global Uncertainty by Harvard Business Review Analytic Services

 

EMAIL |   PRINTABLE VIEW | FEEDBACK

ANCL TENDER for CTP PLATES
Donate Now | defence.lk
www.apiwenuwenapi.co.uk
LANKAPUVATH - National News Agency of Sri Lanka
www.army.lk
Telecommunications Regulatory Commission of Sri Lanka (TRCSL)
www.news.lk
www.defence.lk

| News | Editorial | Business | Features | Political | Security | Sport | World | Letters | Obituaries |

Produced by Lake House Copyright © 2012 The Associated Newspapers of Ceylon Ltd.

Comments and suggestions to : Web Editor