“We would like to implement ERM. What can RiskVeda
do for us?”
If you have decided it is not Core Activity Risk Management your organization requires, then you must have a fairly good knowledge about risk management. You are ready for ERM, which means:
- You are well into the extended risk management journey.
- You have resources in place and are ready to invest in more.
- Your organization currently enjoys some of the fruits of risk management.
- You have a top-down commitment to foster a risk mindset.
In companies we have advised, our ERM work begins with a review/identification of the enterprise inherent risk profile and its alignment with corporate strategy and risk philosophy. Next, we assess Core Activities, paying strict attention to risk overlaps, gaps and repercussions, and alignment with corporate strategy.
To administer the risk complex, an infrastructure of policies, roles, responsibilities, and processes needs to be developed, a reporting regime implemented, and an accountability system established. Review of internal control effectiveness must be allocated to a Risk-based Internal Audit function and the Board has to be in a position to provide risk-based oversight (see: Governance and Internal Audit sections).
Operationally, your organization can benefit from ERM by:
- Raising the level of your people’s risk competence.
- Improving the system of internal controls for managing risk.
- Reducing the potential for strategy misalignment and failed objectives.
- Reducing revenue attrition, excess costs, losses, destruction and fraud.
- Limiting legal liability, regulatory sanction and reputational damage.
- Improving revenue growth, employee value-added and client satisfaction.
- Enhancing the quality of investor and public relations.
- Preparedness to deal with adversity if and when it happens.
Our objective is to institutionalize your risk intelligence and enable your enterprise to deliver more consistent results while balancing the diverse expectations of various stakeholders.