 Most businesses believe they understand and can manage their significant
risks effectively, but the ever-growing list of failures and public
embarrassments graphically illustrates that this may not always be
the case.
Most organisations will now have a formal programme to evaluate
and record their most significant risks. But has this been a
positive experience?
Can you demonstrate measurable benefits as a result?
Did your organisation embrace the need enthusiastically or
did they regard this as another passing fad - yet another
initiative?
Have you identified new areas of exposure?
Have you identified any over controlled activities – and
taken action to reduce the unnecessary controls?
Has the scoring method adopted caused confusion – risk
matrix scoring problems will show you why
the approach adopted my many organisations may be
providing a false picture
of the risks
Or have you just met the regulatory requirement
and ‘ticked
the right boxes’?
Establishing or revaluating your Enterprise risk
management process can be a daunting task. It can
be difficult
to engage management
(particularly Directors) . The key is to adopt
a simple but comprehensive approach
focussing on specific deliverables and benefits.
 This is our specific area of expertise. We have
worked with hundreds of organisations across
both the public
and private
sectors to
help them introduce or update their ERM process.
Our aim is to help establish
a firm base to enable any organisation to confidently
take ongoing responsibility for the process.
The Process
A facilitated workshop based approach with the objective of enabling
any organisation to quickly and effectively evaluate or update the
significant risks impacting the enterprise and it’s future
direction.
The Deliverables
- Key risks identified and recorded
- Risks sifted and
clustered using a proven model (which will be tailored
specifically to meet the needs of your organisation)
- Each risk evaluated as to magnitude and likelihood
of occurrence
- Results plotted on a matrix
- Mitigation evaluated and recorded for
each key risk
- Exposures identified
- Exposures assessed and actions
proposed using the four T's
- Tolerate (accept the risk
e.g. those with low likelihood or low impact)
- Transfer
(normally via insurance)
- Terminate (eliminate the risk
if too great for the business to bear or ways to
reduce it are impractical
or too expensive)
- Tackle or Treat (reduce the risk
by taking specific action) Experience has shown that
the vast majority of
risks can
be treated
- Action plans developed and assigned to address
the manageable exposures
- Fully detailed risk register with all risks identified, including mitigation, exposures
and actions planned prepared and
issued (link opens in new window)
Why Business Risk Management Ltd
- The company specialises in this field
- The process
used is comprehensive but simple to understand and apply
- it is therefore extremely cost effective
- Services
are tailored specifically to meet clients exact requirements
- Programmes are delivered personally by a Director
of the Company
- Clear, comprehensive and timely output
will be delivered with action plans that can be immediately
put in train.
- The process is proven and has been highly
successful with hundreds of clients.
The following links provide an example of a memo to launch
an Enterprise Risk Programme and a typical proposal for
provision of Risk Management services and a list of
the benefits clients
have
achieved.
|
