ERM for the Non-Risk Manager
Presented by:Lisanne SisonDirector, ERMBickmore
What is ERM?
“Enterprise Risk Management (ERM) is “a process, effected by an entity’s board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
- Committee on Sponsoring Organizations Enterprise Risk Management Integrated Framework, 2004
What is ERM?
“[ERM is] a structured, consistent and continuous process across the whole organization for identifying, assessing, deciding on responses to and reporting on opportunities and threats that affect the achievement of it’s objectives.”
- The IIA – UK and Ireland
What is ERM?
ERM is an integrated systematic process of identifying major risk to achieving the specific goals and objectives of the organization. These risks should be analyzed by likelihood and impact and mitigated to an acceptable level of risk.
- The IIA Research FoundationContrasting GRC and ERM, Perceptions and Practices Among Internal Auditors, 2013
Einstein’s* explanation
ERM is a process that helps manage diverse organizational risks and supports successful achievement of objectives
ERM Life Cycle
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
Culture
Identify and prioritize risks
Evaluate options
Evaluate Performance
Goal setting
Confirm next steps
Implement
Start with Why…
Simon Sinek’s Golden Circlehttp://www.youtube.com/watch?v=_I-_0cnj_xQ
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
Opportunity Cost
• Every decision can be weighed in terms of costs and benefits
• Decisions can have multiple options• Compare both costs and benefits• Only realize the benefits of one
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
Failure Mode Effect Analysis
• Review a process for what can go wrong• Assess and prioritize• Identification factor (Likelihood error will
be caught)
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
Tippy Tap
• http://youtu.be/Qdpd3roZjYw
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
ADKAR
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
Plan Do Check Act
Six Sigma (cont’d)
• A clear focus on achieving measurable and quantifiable financial returns
• Increased emphasis on strong and passionate management leadership and support
• Clear commitment to making decisions informed by data, rather than assumptions
• Developed by Motorola in 1986
Six Sigma
Covey’s 7 habits
Internal Environment Event Identification
Risk Response
Control Activities
Objective Setting
Information & Communication
Risk Assessment
Monitoring
Be Proactive
Seek first to understand,
then be understood
Think win-win
Sharpen the saw
Begin with the end in mind
Put first things first
Synergize
1989!!!
Lean
• Problem: Overtime every day because people were coming in 30 min before their shift to re-organize their ambulance the way they like it
• Solution: Standardized ambulance set up• Communication and training to enable
the change
Case Studies
Case Study – Raley’s
Non-Risk Manager ERM Checklist
• What are you trying to accomplish?• What are the realities/barriers?• What needs to be addressed immediately,
soon, later, or never?• What is the best, most efficient way to
overcome this challenge?• How do we prepare people to accept this
change?• How will we measure success?
©Lisanne Sison, Bickmore 2014
Top Related