Articles: Interaction of ERM and Strategic Planning

  • The State of Enterprise Risk Management at Colleges and Universities

    July 01, 2009

    A survey was conducted in June 2008 of over 600 presidents and chancellors, CFOs, governing board members, chief academic officers, and risk managers from private and public colleges and universities of varying sizes. Key survey findings indicate there is significant room for improvement in enterprise risk management at higher education institutions. Best practices and action steps institutions can take to improve their enterprise risk management efforts are discussed. Additionally, a sample worksheet is provided to help higher education leaders begin the systematic risk assessment process in their institutions.

  • The Top Ten Risks for Global Business in 2009

    January 01, 2009

    This report compiles views of industry commentators, sector experts, and Ernst & Young practice professionals as to the major business risks facing “leading global firms” in each of their sectors. The risks identified as the top ten risks for global business in 2009 were rated as having the greatest impact across the largest number of sectors, and these risks will likely do the most to influence markets and drive corporate performance in the coming year. Several of the top ten risks identified were on the list last year: the credit crunch, regulation and compliance, radical greening, cost cutting, and executing alliances and transactions. Three of the top ten risks, non-traditional entrants, managing talent, and reputation risks, moved up from lower rankings the previous year. There were also two new risks that were not identified last year, deepening recession and business model redundancy.

  • Costs Associated with Regulatory Risks

    December 31, 2008

    A significant portion of an organization’s enterprise risk management efforts in both time and dollars may be spent on compliance and regulatory risks. Compliance with federal regulations cost approximately $1.157 trillion in 2007. There were 159 economically significant rules under consideration in 2007, each having an estimated cost of at least $100 million annually. Regulatory compliance costs are important to all businesses, but can be higher per-employee for small businesses since some costs are imposed regardless of size. Federal regulations provide a means of funding government programs without using tax dollars, essentially becoming a form of off-budget taxation that minimizes public scrutiny. The significant impact of these regulatory compliance costs and their overall lack of visibility suggest a need for increased disclosure, transparency, and accountability related to federal regulations.

  • ERM in Academic Institutions

    December 01, 2008

    Academic institutions tend to manage risks in organizational silos, as is common in many businesses. By implementing ERM, an academic institution can benefit from an enterprise-wide identification and assessment of risks which can be used to refine the strategic planning process. Taking an ERM approach improves management’s decision making when a risk’s impact and likelihood are considered.

  • Emory University’s ERM Implementation

    December 01, 2008

    Leaders at Emory University began an ERM program to improve the university’s ability to manage risks, prepare for adverse events, improve principles and practices related to financial controls, and to communicate with managers across the university about key issues. The ERM effort was endorsed by the executive committee and the process was developed by an ERM steering committee, which consisted of operational vice presidents and senior administrators. Emory did not find an ERM model in higher education or one offered by consultants that suited its goals for ERM, so it began its efforts with a bottom-up inventory of operational risks.

  • Embedding ERM: 2008 Global Insurance Sector Survey Results

    October 27, 2008

    More than 350 Chief Financial Officers, Chief Actuaries and Chief Risk Officers responded to a global ERM survey of the insurance industry which found that European insurers are more advanced in ERM implementation than insurers in North America and Asia. Large insurers are more advanced in most aspects of ERM implementation. Economic capital standards are emerging for risk measurement, with a shift toward using a one-year value at risk approach.

  • Does ERM Matter?: Enterprise Risk Management in the Insurance Industry

    June 01, 2008

    The recent upheaval in the banking industry, which is heavily regulated and an early adopter of enterprise risk management (ERM) strategies, has caused other businesses to question the efficacy of an ERM program. A recent study by PricewaterhouseCoopers, LLP makes it apparent that ERM is not fully embedded in many businesses. Failing to consider risk in business decisions makes it unlikely that businesses will achieve their ERM objectives, and increases the difficulty of realizing strategic objectives.

  • ERM in Higher Education

    September 01, 2007

    This document provides guidance for the embrace of Enterprise Risk Management (ERM) in Higher Education. While this is not a step-by-step guide on how to implement ERM at any specific institution, it does provide a good overview of the ERM process, where to begin, and best resources available for structuring and implementing an ERM framework. The document also summarizes examples of ERM at several institutions of higher learning.

  • Insurance Companies’ ERM Ratings

    July 16, 2007

    Standard & Poor’s has spent a significant amount of time developing criteria for and measuring the effectiveness of insurance providers’ enterprise risk management (ERM) systems. Recently, they have focused on European insurance companies. They find that the state of ERM practices in Europe may best be described as adequate for a large majority of European insurers.

  • ERM at the Federal Reserve Bank of Richmond

    March 31, 2007

    This is an examination of an implementation of an ERM discipline in one of the Federal Reserve Banks. It demonstrates a possible model where financial performance targets are not the primary measures of success. The Federal Reserve Bank of Richmond’s ERM approach captured risk within each functional area and then assessed those risk events in terms of both functional and then corporate objectives. Private sector organizations look at threat to value (net worth, revenue, etc.). Public sector firms usually have non-financial objectives. Since measures of success are different, ERM models should be different.

  • Insurers Discover ERM Isn’t Just for Banks Anymore

    June 01, 2006

    The Conference Board issued a July 2006 research report, “The Role of U.S. Corporate Boards in Enterprise Risk Management,” that provides insights about board of director perspectives on their role in overseeing enterprise risk management processes at organizations where they serve. Mark Beasley, NC State’s ERM Initiative Director, served as a member of the Advisory Board for the Project. Based on a research approach that involved personal interviews with 30 board members, analysis of Fortune 100 board committee charters, and a broad survey of 127 board members, the report finds that while ERM processes have improved in some companies, directors serving on multiple boards reported significant variations in the quality of risk dialogue and fewer boards seem to have well-established risk processes. Only 54% have clearly defined risk tolerances and only 47.6% of the boards rank key risks. Almost 50% of the directors would like to see more data analysis related to the company’s risk profile.

  • ERM – UnitedHealth Group

    July 01, 2005

    UnitedHealth Group has implemented ERM within the organization to help identify risks and alleviate negative exposures while profiting from positive opportunities. ERM implementation at UnitedHealth Group evolved out of their Business Risk Management processes used in their six diverse operating businesses.

  • The Orange Book: Management of Risk – Principles and Concepts

    October 01, 2004

    The original Orange Book was published by the British government in 2001 to promote more robust risk management practices in government sectors. Since 2001, organizations have begun to now have basic risk management processes in place. The risk management challenge is no longer in the initial identification and analysis of risk and the development of the risk management process. Rather, the challenge today is in the ongoing review and improvement of risk management. Thus, the British government issued this 2004 revision of The Orange Book to include more advanced guidance, such as the importance of “horizon scanning” (a systematic activity designed to identify indicators of changes in risk). This document also examines how the organization’s risk management activities relate to the wider environment in which it functions.

  • Using Technology to Support ERM:  A Case Study

    December 31, 2003

    Companies face added complexity to overall risks threatening an enterprise. Management needs a risk management program that is complete and proactive toward risk. This article highlights steps that Zions Bancorporation took to develop an application to facilitate risk management.

  • Business Risk Management in Government

    October 01, 2000

    While risk management is well-established in the private sector, no generic risk management approaches are available for government entities. Due to potential pitfalls that exist in government practices, it is not feasible to simply apply private-sector risk management guidance directly to the public sector. Government risk management should focus on systemic risk in order to prevent the blame-shifting that is often present in the government sector.