Upload
anu-damodaran
View
231
Download
1
Embed Size (px)
DESCRIPTION
An introduction to ERM
Citation preview
1
ENTERPRISE RISK MANAGEMENT A COMPETITIVE EDGE FOR THE COMPANYANDHOW IT ADDS VALUE TO ITS SHAREHOLDERS
Presented by:Anu Damodaran, MBA G 2nd Sem, AUD0260Amity University, Dubai
2
OBJECTIVE
To understand what Enterprise Risk Management is, why it is important for any business and how it can be measured.
To know whether by measuring and managing the risks consistently and systematically can a company strengthen its ability to carry out its strategic plan.
To understand the methods/ tools used by firms to manage Enterprise Risk.
To study the processes and challenges in implementing Enterprise Risk Management and to identify how much risk can be retained and how much should be laid off.
3
DEFINITION OF ERM
“… a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
Source: COSO Enterprise Risk Management – Integrated Framework. 2004. The Committee of Sponsoring Organizations of the Treadway Commission (COSO)
4
EVOLUTION OF ERM
Historically: “risk silo” mentality Mid-1990s:
First “Chief Risk Officer” First use of ERM terminology
Late-1990s: Risk-related regulatory requirements (e.g., Turnbull) Earnings protection insurance debuts
2001: September 11 Corporate scandals Beginning of efforts to improve corporate
governance
5
THE COSO ERM FRAMEWORK
6
WHY IS ERM IMPORTANT?
Integrated strategy Consistency Communication Clear and concrete measures of
performance
7
8
GOALS OF ERM
Create and increase company value Ensure business continuity Stabilize earnings Enhance opportunities for the company
to achieve its objectives Make risk management more cost-
efficient
9
TYPES OF RISKS
Operational Hazard Physical
Strategic Capital / resource
allocation Industry / competitors
Technological Databases Security Confidential information
Stakeholder
Legal Compliance Regulatory
Financial Capital markets Credit risks Taxes
Human capital Retention Training
Reputational
10
THE ERM PROCESS
Identify Risk
Analyze Risk
Identify Requirements
Identify Controls
Risk Registry
11
IMPACT VS. PROBABILITY
Control
Share Mitigate & Control
Accept
High Risk
Medium Risk
Medium Risk
Low Risk
Low
High
High
IMPACT
PROBABILITY
12
Low
High
High
IMPACT
PROBABILITY
High Risk
Medium Risk
Medium Risk
Low Risk
• Loss of phones• Loss of computers
• Credit risk• Customer has a long wait• Customer can’t get through• Customer can’t get answers
• Entry errors • Equipment obsolescence• Repeat calls for same problem
• Fraud• Lost transactions• Employee morale
EXAMPLE: CALL CENTER RISK ASSESSMENT
13
KEYS TO SUCCESS IN ERM
Senior management commitment and sponsorship
Embed a “risk management culture” in the corporation at the operational level
Provide for accountability, both specific and widespread
Clearly defined responsibilities for coordination and maintenance
Adequate communication
14
ERM PREDICTIONS
1. ERM will become an industry standard2. CRO position will be prevalent3. Audit committees will become risk committees4. Economic capital will replace VaR5. Enterprise-level transfer of risk6. Impact of advanced technology7. Measurement standard for operational risk8. Mark-to-market accounting9. Risk education will grow10. Salary gap between risk professionals will widen
15
CONCLUSION
However, let’s not underestimate how big a challenge it is
Even in a “frictionless” world, quantifying and codifying a holistic approach to risk management is an enormous task
Real-world realities make it even more difficult
But it’s worth the effort
16