Risk continues to dominate executive team and boardrooms agendas. The 21st century business environment is continually changing. Competition is fierce, stakeholders are more demanding and pressures on costs are ever present. Business is becoming more complex every day and is full of risk.
Organisations have typically viewed risk as a dirty word and one that should be eliminated whenever possible. Recently, increasing legislation and regulatory requirements have driven organisations to allocate extensive resources to address the risks that they face. Shareholders are beginning to examine the level of business controls in place. Stakeholders and regulators have increased their demand for transparency. Identifying, managing and exploiting risk throughout the organisation is becoming significantly essential to its success and future.
Enterprise wide risk management offers a methodology for identifying risks that undermine an organisation’s ability to achieve its objectives – equally it also provides a framework for identifying and exploiting opportunities. When carried out effectively, risk management provides an organisation a much clearer panorama of the environment in which it operates and the events that it’s exposed to – whether external or internal. A robust framework is aligned to the organisation’s appetite and tolerance for risk and offers a basis for establishing appropriate risk treatments.
When applied consistently and embedded throughout the organisation, it empowers and facilitates management to balance the level of risk that they are prepared to take with the control environment they have implemented. They will be in a better position to identify, analyse and evaluate risk to ensure appropriate governance, regulatory compliance and efficient/effective operations
For enterprise risk assessment to deliver value, it should begin with the organisation’s key business goals and objectives. These goals and objectives offer the foundation to evaluate risks in terms of their impact to the organisation and the likelihood of the risks occurring. Results from this assessment can then be used to develop a portfolio view of the organisation’s risks and develop risk management strategies that are aligned to the organisation’s risk appetite and risk tolerance.
Organisations that routinely evaluate these results are on a clearer path to establishing a risk management framework that exploits opportunities as well as addresses the down side of adverse events. Organisations that master risk management by embedding risk into decision making processes, introducing executive and board room visibility will differentiate themselves. Organisations that are pro-active and set high benchmarks will deliver shareholder value and achieve higher levels of performance.