Enterprise risk management-Yashvanth G Nayak

Enterprise risk management-Yashvanth G Nayak

• 1.
  Enterprise Risk Management YashavanthG Nayak Assistant Professor St Philomena College Puttur
• 2.
  Meaning Enterprise risk management(ERM) is the process of planning, organizing, leading, and controlling the activities of an organization in order to minimize the effects of risk on an organization's capital and earnings. Enterprise risk management includes financial, strategic and operational risks, in addition to risks associated with accidental losses.
• 3.
  In many projects,risks are identified and analyzed in a random, brainstorming, fashion. This is often fatal to the success of the project, as unexpected risks arise, which have not been assessed or planned for and have to be dealt with on an emergency basis, rather than be prepared for and defended against in a planned, measured, manner. Very early in the preparation and planning stage, it is essential that potential risks are identified, categorized and evaluated. There are many factors that make risk management important.
• 4.
  Why Is EnterpriseRisk Management (ERM) Important?  Organizations start an endeavor to take a business opportunity. There is uncertainty about the organization will take the opportunity or not. So each endeavor has an associated risk. That is because ERM is important.  Organizations need to increase their risk taking capability to cash on the opportunities that keep knocking at their doors. With robust ERM, organizations can identify and analyze risks and decide which risk is worth taking.  Projects can only control risks and opportunities directly within their remit. Yet, the performance of a project is very much dependent upon the obstacles thrown up by the enterprise or organization and other external influences, which are outside the projects control.
• 5.
   Enterprise RiskManagement (ERM) is important because its success determines the health and life of the business enterprise. If an organization fails to identify risks to its existence, it will be ill prepared to face any risk events. As an example, business enterprises recognize that dependency on a sole source supplier is a high risk (if that supplier goes out of business your business will be impacted). Therefore, they identify that risk and address it by developing multiple sources so reducing that particular risk. In the same way that risk is managed in projects to increase its probability of success, risk must be managed in an enterprise to assure its success.  ERM institutionalizes risk management procedures in the organization by standardizing the tools, methodology and people processes in monitoring individual project risks. This is important so that the impacts of individual project failures (in case failures do happen) are addressed appropriately.
• 6.
  Enterprise Risk ManagementProcess Step 1 – Establish an Enterprise Risk Structure ERM requires the whole organisation to identify, communicate and proactively manage risk, regardless of position or perspective. Everyone needs to follow a common approach, which includes a consistent policy and process, a single repository for their risks and a common reporting format. However, it is also important to retain existing working practices based on localised risk management perspectives as these reflect the focus of operational risk management.
• 7.
  Step 2 –Assign responsibility Once an appropriate enterprise risk structure is established, assigning responsibility and ownership should be straightforward. Selected nodes in the structure will have specified objectives; each will have an associated manager (executive, functional or business), who will be responsible for achieving those objectives and the associated risks. Each node containing a set of risks, along with its owner and leader, is a Risk Management Cluster.*
• 8.
  Step 3 –Create an enterprise risk map Risk budgeting and common sense dictate that risks should reside at their local point of impact, because this is where attention is naturally focused. However, the risk cause, mitigation or exploitation strategy may come from elsewhere in the organisation and often common causes and actions can be identified. In this case, we take a systemic approach, where risks are managed more efficiently when brought together at a higher level. To achieve this, we need to be able to map risks to different parts of the risk management structure.
• 9.
  Step 4 –Decision making through enterprise risk reporting The most important aspect of risk management is carrying out appropriate actions to manage the risks. However, you cannot manage every identified risk, so you need to prioritise and make decisions on where to focus management attention and resources. The decision making process is underpinned by establishing risk appetite against objectives and setting a baseline, both of which should be recorded against each Risk Management Cluster.
• 10.
   Step 5– Changing culture from local to enterprise At all levels of an organisation, changing the emphasis from ‘risk management’ to ‘managing risks’ is a challenge; however, across the enterprise it is particularly difficult. It requires people to look ahead and take action to avert (or exploit) risk to the benefit of organisation. It also requires the organisation to encourage and reward this change in emphasis! Unfortunately, problem management (fire-fighting) deals with today’s problems at the expense of future ones. This is generally a far more expensive process as the available remedies are limited. However, if potential problems are identified (as risks) before they arise, you have far more options available to affect a ‘Left Shift: from a costly and overly long process to one better matching the original objectives set!
• 11.
  Thank You