Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Partner Conferences
  • Newsletter
  • Subscribe
  • News
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Cloud

    Cyber Security

    DevOps

    Digital Technology

    Enterprise Security

    HPC

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    POS

    QA and Testing

    Robotics

    SaaS Solutions

    Security

    Simulation

    Smart City

    Startup

    Storage

    Unified Communication

    Virtualization

    Web Development

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Google

    HP

    IBM

    Intel

    Microsoft

    Oracle

    Red Hat

    Salesforce

    SAP

    VMware

  • Business Intelligence

    Business Process Management

    CEM

    Collaboration

    Corporate Finance

    CRM

    Data Center

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Performance Management

    ERP

    Fleet Management

    Gamification

    Geographical Information System

    HR Technology

    IT Service Management

    Managed Services

    Payments

    PLM

    Procurement

    Project Management

    Risk Management

    Sales and Marketing

    Workflow

Menu
    • DevOps
    • Automotive
    • FinTech
    • Robotics
    • SAP
    • Amazon
    • Big Data
    • Education
    • HPC
    • Simulation
    • CISCO
    • Web Development
    • AI
    • EPM
    • ERP
    • Project Management
    • Salesforce
    • Sports
    • Travel and Hospitality
    • Unified Communication
    • IT Services
    More
    Education HPC Simulation CISCO Web Development AI EPM ERP Project Management Salesforce Sports Travel and Hospitality Unified Communication IT Services
    ×

    Subscribe to our Newsletter

    news
    news

    Join our mailing list for the latest articles, news, and exclusive insights from prominent technology leaders

    loading
    SUBSCRIBE

    Thank You for subscribing with us. We sent you an email regarding this.

    news

    • Home
    • Risk Management
    Editor's Pick (1 - 4 of 8)
    left
    CIOs Need To Know Their Business, Not Just Tech

    John Sadowski, EVP & CIO, Sandy Spring Bank

    Your Next Law Firm Website Project

    Vic Peterson, CIO, Stinson Leonard Street LLP

    Essentials for a Compliant Environment

    Seevali Fernando, Group CIO, Hoya Corporation

    The Digital Agency

    Ralph Chivers, CIO, Ministry of Business Innovation and Employment, New Zealand

    E-commerce and the Data behind it

    Klemen Drole, CIO, Lazada Group

    Need and Importance of IT in the Shipping Industry

    Anjan Deb, GM-IT (CIO), The Great Eastern Shipping

    At the Crossroads of Sports and Technology

    Jerry Mcglynn, CIO, Specialized Bicycle Components

    Proliferative Innovation via Platform+Agile

    Dr. Steve Hodgkinson, CIO, Department of Health & Human Services in Melbourne, Australia

    right

    Redefining Enterprise Risk Management

    By John Duncan, VP-Government Sector and Laura Jackson, Sr. Manager-Risk Management, ABS Consulting

    Tweet
    content-image

    John Duncan, VP-Government Sector and Laura Jackson, Sr. Manager-Risk Management, ABS Consulting

    risk management is critical for an organization and a major function of executive engagement. To appropriately manage risk, the risk has to be defined by identifying what can go wrong, evaluating how likely it is, and determining the consequences. Although defining risk appears to be the easiest step in the Risk Management process, the first step is not even remotely as easy as it seems.

    In recent years, the definition of risk management has changed. Today, Enterprise Risk Management (ERM) is synonymous with internal controls/activities that focus in most cases on governance, risk, and compliance. The unfortunate consequence of perceiving ERM this way is that- instead of truly managing risk, many companies have allowed ERM to devolve into a box-checking activity that allows the organization to pass an audit and helps achieve financial compliance. Innocuous as this approach seems, it is in fact, a trap.

    To truly address risk, business leaders need to refocus on the core principle of ERM, the element that makes it comprehensive, strategic, and action oriented. ABS Group serves a global client base, and much of our work focuses on risk management and safety practices. Our staff are frequently called upon in the aftermath of a major disaster, often one resulting in the death of an employee, to assess the root causes of the failure and to help clients recover. As practitioners of ERM, we would prefer to preemptively apply our risk management experience and knowledge- helping firms avoid catastrophes, save lives, maintain leadership, and preserve the existence of the entire organization. The best companies will pursue ERM as an integral part of their strategic planning and management processes.

    The key to achieving this objective is having a holistic ERM program that considers all aspects of an organization’s activities  and addresses any shortcomings that are narrowly focused on internal controls and compliance. We refer to the new interpretation as ‘Adaptive ERM’.

    ABS Group’s ERM-lens approach supports identification of both an organization’s risks and opportunities – which is the first step in building an effective ERM plan. This is supported by a repeatable and transparent process for developing prioritized actions- the company can take to pursue opportunities and mitigate risk.

    Developing an ‘Adaptive ERM’ program helps an organization move beyond the second challenge a large number of companies are facing – effective implementation.

    Some organizations are good at identifying their major risks, events that can lead to significant organizational change. They may even be good at developing plans to address the risks. But ERM is not complete until, there is an ongoing progress to implement those plans. and This takes executive commitment and follow through. The best organizations implement a Program Management Organization (PMO) to advance risk management initiatives.

    The end result is an ERM approach that connects with the organization’s strategic plan, business intelligence system, performance measures, root cause analysis, and project management office support systems.

    Many ERM issues lurking just beneath the surface have the potential to have near-disaster-level impact. One that seems to be prevalent in recent years is succession planning. In many government agencies, for example, Baby Boomers make up a disproportionate percentage of the workforce. These agencies are facing a tidal wave of turnover as employees reach retirement. Agencies stand to lose not only a large number of employees but also the core knowledge these seasoned professionals will take with them when they walk out of the door.

    A number of executives we interviewed described succession planning as a top priority in mitigating risks relating to loss of expertise. These executives have identified a problem, but some are overwhelmed by the prospect of developing succession plans for as many as 40,000 people who soon could be joining the retirement rolls. When dealing with that number of staff, where do you start?

    “Many companies have allowed ERM to devolve into a box-checking activity”

    A number of executives we interviewed described succession planning as a top priority in mitigating risks relating to loss of expertise. These executives have identified a problem, but some are overwhelmed by the prospect of developing succession plans for as many as 40,000 people who soon could be joining the retirement rolls. When dealing with that number of staff, where do you start?

    The answer is to apply a comprehensive, action-oriented ERM approach. By rating and ranking the major functions of an organization, executives can quickly identify areas where staff turnover would have the most detrimental effect. ERM actions, or ‘risk treatments,’ can be applied to those functions within an organization where the greatest risk reduction can be achieved.

    Another very serious risk is cybersecurity. Although, companies have spent billions of dollars to protect their IT systems, there are major breaches multiple times each day. The traditional approach is to apply more layers of security, but as we know, the safest computing platforms are those that are disconnected from networks and are turned off. A holistic ERM approach allows organizations to assess the risk related to their IT infrastructure in the context of overall organizational risk. The result is often a better, integrated understanding of risks and a more appropriate allocation of resources to address them.

    Most organizations focus their resources on achieving their goals. Executives should evaluate both how they are going to achieve their goals, but also how much enterprise risk they have in not meeting those goals. An efficiently structured organization does not have extra resources to draw from. That is why, it is essential to have a structured and systematic method for prioritizing time-critical risks and identifying opportunities to improve the focus of limited resources on executing the most effective actions. ERM should be an integrated element of the Performance Management System and a key focus of business planning cycles, following a regular process that guarantees progress by allowing risks to be identified and managed.

    By implementing an ‘Adaptive ERM’ process and maturing it over time, business activities become risk-informed. The end result is that risk impacts are considered as part of a process, which improves the decision process and as a consequence, protects and improves shareholder value for businesses or mission performance for government agencies. 

    Read Also

    Fintech: Opportunities and Challenges in APAC

    Fintech: Opportunities and Challenges in APAC
    Fintech and Risk Management: Oil and Water Never Mix?

    Fintech and Risk Management: Oil and Water Never Mix?
    Leveraging Compliance Infrastructure Investment as a Basis for Scenario-Based Governance

    Leveraging Compliance Infrastructure Investment as a Basis for Scenario-Based Governance
    Demystifying Risk Appetite Statements

    Demystifying Risk Appetite Statements
    10 Most Promising Risk Management Solution Providers - 2017

    10 Most Promising Risk Management Solution Providers - 2017

    Featured Vendors

    Delta Insurance

    Ian Pollard, Co-Founder & MD

    Broadridge

    David Becker , MD, Asia Pacific

    Risk Management Special

    Copyright © 2018 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://risk-management.apacciooutlook.com/cxoinsights/redefining-enterprise-risk-management-nwid-777.html