Cavalcade of Risk #131: All Things Risk

Posted on May 18, 2011 by Emily Holbrook

Welcome to the Cavalcade of Risk blog carnival, an aggregation of some of the best risk management and insurance-related blog posts out there. Before I get to the rundown of posts, thanks go out to David E. Williams at Health Business Blog for his insightful hosting of Cavalcade of Risk #130.

Let us begin with Dave Ingram‘s post regarding risk management entertainment systems (RMES), where he states, “The Risk Management Entertainment Systems create a very strong impression that ERM is a talking and paper shuffling activity. A waste of scarce corporate time, resources and dollars. ERM needs to be about action. If in the end, ERM does not result in any changes to a firm’s treatment of risks or selection of risks, then there was no real business reason for ERM.”

Henry Stern presents (Really) Stupid Client Tricks (P&C Edition) at InsureBlog, where he tells the story of how one really stupid client is actually increasing its own risk of exposure, and that of its insurer.

Claire Wilkinson writes about protecting your personal information on Terms + Conditions, the Insurance Information Institute’s blog regarding all things risk and insurance. She states, “the average organizational cost of a data breach increased to $7.2 million in 2010 and cost companies an average of $214 per compromised record up from $204 in 2009.”

Russell Hutchinson touches on the grim side of business partnerships with his post regarding statistics on the death of business partners on his Chatswood Consulting blog, where he states, “Any adviser serious about the business insurance market should have these numbers learned by heart.”

Rebecca Shafer writes about the eight keys to winning workers comp claims in litigation at the Workers Comp Roundup, where she lists ways to speed up the workers comp claim process and get cases settled and off a company’s loss run report.

And a few more from around the blogoshpere:

Insurance Industry Gets Social Media on Reinsurance Girls’ Blog
Illinois Comp: The Nuclear Option? on Worker’s Comp Insider
Business Resilience: Supply Chain Risk to National Security on Operational Risk Management Blog

The next host is Russell Hutchinson at Chatswood Consulting — he’ll host the 5th anniversary edition of Cavalcade of Risk on June 1st. Don’t miss it!

Discussing ERM at RIMS 2011

Posted on May 4, 2011 by Morgan O'Rourke

ERM was a big topic at this year’s RIMS Conference & Exhibition. As it increasingly becomes apparent that enterprise risk management is a vital component of business management as a whole, many attendees were taking the next step past simple understanding and actively looking for practical ways to actually implement the strategy for their businesses. And many sessions at RIMS 2011 were designed for that very purpose.

For instance, “Building an ERM Roadmap” and “ERM Technology Tool Review” included a variety of practical guidelines and sample tools. The discussions focused on how to develop, report and monitor an effective program that meets the business area and board’s needs.

Grace Crickette, chief risk officer at the University of California, offered a useful online resource, based on the university’s own ERM efforts, to help companies define and implement ERM programs in their organizations.

Like organizations within the private sector, the UC system operates in an inherently risky environment. By strategically managing risk, we can reduce the chance of loss, create greater financial stability, and protect our resources so we can continue our mission of supporting teaching, research and public service.

As part of this strategic approach to managing risk, the UC leverages an Enterprise Risk Management Information System, which provides users with a single portal through which they can access and analyze information related to their specific area.

For anyone looking to make progress with their own ERM program, this might be a good place to start.

SRM: The New Core Competency

Posted on May 3, 2011 by Emily Holbrook

Strategic risk management (SRM) has become an increasingly hot topic, with risk managers, C-suite execs and managers across all industries looking to continuously improve their risk management plan. After hearing so much buzz about SRM lately, I decided to attend a session on the topic at RIMS 2011.

Speaking on the issue were none other than the celebrated director of strategic and enterprise risk practice for RIMS, Carol Fox; the director of the center for strategies, execution and valuation for DePaul University, Dr. Mark Frigo; and Hans Laessoe, senior director of strategic risk management at LEGO Systems.

Starting off the presentation to a packed room, Fox reminded everyone of the RIMS/Advisen survey, which notes that, to survey participants, the primary value of SRM is:

28% avoided and or mitigated risk
16% compliance with regulatory and legal requirements
17% eliminated silos
5% process consolidation
24% increased certainty in meeting strategic and operational objectives

Fox noted that SRM was a discipline focused on the upside of risk. More specifically, RIMS defines SRM as a business discipline that drives deliberation and action regarding uncertainties and untapped opportunities that affect an organization’s strategy and strategy execution.

Closing her portion of the presentation, Fox questioned the way that most risk managers think. “Are we too focused on known risks or analyzing the past?” asked Fox. “There appears to be an unmet need for risk management to take a lead role in SRM.”

Following Fox, Laessoe began his speech by explaining LEGO’s theory on risk management, which is:

Prepare for uncertainty –> Active risk and opportunity planning (AROP) –> enterprise risk management –> Monte Carlo simulation

Monte Carlo simulation “has enhanced LEGO’s understanding of uncertainty,” according to Laessoe.

The company applies Monte Carlo simulation to achieve the following:

Budget and estimate uncertainties to show earnings volatility and pinpoint key drivers based on input from business controllers.
Simulation on ERM risk portfolio to consolidate risk exposure and identify 5% worst case scenarios which is the base of LEGO’s defined risk appetite.
Simulation of credit risk portfolio as a “tool” to have a more frank discussion with insurance partners.

Frigo wrapped up the session with some inspiring words on the future of SRM. “SRM is the new core competency,” he said. “If ERM encompasses all areas of organizational exposure to risk, including strategic, why is SRM the NEW core competency? We believe SRM is a foundation for elevating the value of ERM, and for that matter, management in general.”

Amen!

ERM on the Rise

Posted on April 1, 2011 by Emily Holbrook

An uprising in Egypt or a catastrophic natural disaster in Japan can make a company stop and think about how that event impacts their business. And events like these are helping to spur companies to fully embrace enterprise risk management (ERM).

This is a good thing. And, according to some, it’s only going to get better.

James Lam, president of risk-management consulting firm James Lam & Associates, has high expectations for the future of ERM, telling CFO magazine that “We’re going to make more progress in ERM implementations and its standardization in the next couple of years than we did in the last dozen.” According to his research, almost 90% of global organizations with more than $1 billion in revenue are either putting an ERM program in place or, in 25% of those cases, already have a program up and running.

Russ Banham, a contributing editor of CFO magazine, also has some great insight into the present state and future situation of the risk management movement. He penned quite an interesting ERM article that was published today. In it, Banham states that it’s not just black swan events that are to credit for the spike in ERM popularity, three trends have also caused an increase in interest.

Corporate boards are under regulatory pressure to address risk management explicitly.
Proponents of ERM are making progress in having it acknowledged as a best practice for overall risk management.
New technologies are enhancing companies’ ability to evaluate, measure, and prioritize risks, and to test and report on their potential impact.

Banham points to the Dodd-Frank Act, the fact ratings agencies factor in ERM criteria into their ratings process, COSO II (the Committee of Sponsoring Organizations) and the SEC’s sharpened stance on risk management as why some companies, especially larger ones, have no option other than the fully implement an ERM program.

Governance issues aside, ERM would get a major boost if it were widely regarded as an industry standard for best practices. “We are not talking about a one-size-fits-all standard, since risk management is part art and part science, and organizations differ by geographies, markets, business lines, and organizational structure,” Lam says. “It can, however, be an industry-by-industry standard, customized by companies within a given industry.”

Optimism aside, most companies still have a long way to go in terms of developing a comprehensive, efficient and successful ERM strategy. As we see by the second graphic below, more than half of companies still have little or no common risk management processes implemented.

Let’s hope Lam’s predictions come to fruition.

Risk Management Monitor

The Risk Management Blog

Category Archives: Enterprise Risk Management

Cavalcade of Risk #131: All Things Risk

Discussing ERM at RIMS 2011

SRM: The New Core Competency

ERM on the Rise