Corporate Finance, DeFi, Blockchain, Web3 News
Corporate Finance, DeFi, Blockchain News

Integrate risk management with the rhythm of the business

One of my good friends is Jim DeLoach of Protiviti. While he and I may disagree on some things (Protiviti continues – from what I can see – to favor COSO ERM over ISO 31000:2009), we agree on far far more.

Integrate risk management with the rhythm of the business
This week, a short piece by Jim was published in Corporate Compliance Insights. Integrate the ERM process with what matters gets it 100% right (IMHO).

Some excerpts:

“The relevance of the risk management process increases if it is integrated with core management processes that truly matter. The idea is to integrate risk management with the rhythm of the business so that it can make value-added contributions to establishing sustainable competitive advantage and improving business performance.”

What I like about this is the emphasis on using risk management to improve performance, not just protect value.

“The scope of integration could include one or more of such core management processes and activities as strategy setting, annual business planning, performance management, budgeting, capital expenditure funding, and M&A targeting, due diligence and integration.”

To get the most value, I believe that risk has to be considered and ‘managed’ as part of the daily process of managing and directing the business.

“Effective “corporate governance” provides a flexible corporate structure that manages the balance between the entity’s value creation objectives and performance goals on the one hand with the policies, processes and controls it puts in place to preserve enterprise value on the other.”

“Unfortunately, many organizations do not integrate risk management with strategy development. It is critical to define the soft spots, loss drivers and incongruities that are inherent in the enterprise’s strategic objectives and that could dramatically affect performance and adversely impact execution.”

“Integrate Risk Management with Performance Management……. KPIs are measures of performance developed to monitor progress toward the achievement of the strategy and the ultimate creation of stakeholder value. KRIs provide lead and lag indicators of critical risk scenarios, resulting in a more balanced mix of forward-looking indicators to complement the usual metrics around customer and employee satisfaction, quality, innovation, time and financial performance.”

Do you integrate risk management with what matters?

Norman Marks, CPA, is vice president, governance, risk, and compliance for SAP's BusinessObjects division, and has been a chief audit executive of major global corporations for more than 15 years. He is the contributing editor to Internal Auditor’s “Governance Perspectives” column.

Jeudi 16 Février 2012

Nouveau commentaire :

Your email address will not be published. Required fields are marked *
Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *