Enterprise Risk Management by Derek Hendrikz

ENTERPRISE RISK MANAGEMENT ERM

derek hendrikzwww.derekhendrikz.com

Copyright © 2014

Derek Hendrikz Consulting

www.derekhendrikz.com

…the process by which organizations identify, assess, control, exploit, finance, and monitor risks from all sources for the purpose of increasing the organization's short and long term value to its shareholders….

www.derekhendrikz.com

It is a rigorous coordinated approach to assessing and responding to all risks that affect achievement of an organization's

strategic and financial objectives.

www.derekhendrikz.com

FUNDAMENTAL PRINCIPLES OF ERM:

• Continuous actions designed to meet the risk management and corporate objectives (a process).

• Applied across the whole enterprise, at every level and unit.

• Designed to manage downside and exploit upside risks in direct relation to an institutions strategy and risk appetite.

• Includes risks from all sources (financial, operational, strategic).

• The coordination of risk management activities such as:

• Risk assessment;

• Risk mitigation;

• Risk financing; and

• Risk monitoring. www.derekhendrikz.com

DIFFERENCES BETWEEN TRADITIONAL RISK MANAGEMENT AND ERM:

Traditional Risk

Management

ERM

Fragmented.

Negative.

Reactive.

Ad Hoc.

Cost-based.

Narrowly-focused.

Functionally driven.

Integrated.

Positive.

Pro-active.

Continuous.

Value-based.

Broadly focussed.

Process driven.

www.derekhendrikz.com

MEASUREMENT DRIVEN ERM APPROACH

• Focuses on identifying key risk factors facing an organisation and understanding their materiality and probability of occurrence.

• Risk mitigating activities are focused on the most material risks with appropriate mitigating strategies.

www.derekhendrikz.com

THE MEASUREMENT DRIVEN APPROACH TO ERM:

www.derekhendrikz.com

THE PROCESS-CONTROL ERM APPROACH

• Focuses on key business processes and accompanying uncertainties in the execution of the business plan.

• Emphasis on linking the process steps, reporting relationships, methodologies and data collection.

www.derekhendrikz.com

The Process-Control Approach to ERM:

www.derekhendrikz.com

STEPS TO

IMPLEMENTING

ERM

www.derekhendrikz.com

1. Develop a common risk framework.www.derekhendrikz.com

2. Establish overall risk management goals.www.derekhendrikz.com

3. Develop your risk management vision.www.derekhendrikz.com

4. Develop strategies to achieve overall goals and objectives, align risk strategies with business strategies.

www.derekhendrikz.com

5. Develop a risk management policy.www.derekhendrikz.com

6. Obtain approvals, communicate

widely and periodically evaluate.www.derekhendrikz.com

3 PRIMARY ERM RISK

CATEGORIES

www.derekhendrikz.com

Affects the viability and survival of the business.

www.derekhendrikz.com

Environmental

Risk

Affects business operations and goal execution.

www.derekhendrikz.com

ProcessRisk

Affects the reliability and relevance of information that supports value-creation decisions.

www.derekhendrikz.com

DecisionRisk

PRINCIPLES OF ERM (KING II REPORT):

Establish formal board accountability for risk management.

Develop a framework of ERM for the organization.

Establish organizational structures for ERM.

Establish a structured process of risk assessment.

Develop a risk-based environment.

Establish a system of risk monitoring.

Establish a process of risk reporting.

Embed the process of ERM into the organization.

Establish assurance processes for key risks and for the ERM process.

Incorporate the risk related aspects of integrated sustainability reporting into the ERM framework.

www.derekhendrikz.com