Fortifying your business with enterprise risk management
Establish an enterprise risk management (ERM) program to protect your business. Just as hundreds of years ago, when prosperous towns managed the various risks of foreign invaders, thieves and wild animals by fortifying their entire communities with walls and towers.
In short, ERM is an integrated, company-wide system of identifying and planning for risk. Many larger companies have entire departments devoted to it. If your business is ready to implement an ERM program, be prepared for a lengthy building process.
This isn’t an undertaking most business owners will be able to complete themselves. You’ll need to sell your managers and employees on ERM from the top down. After you’ve gained commitment from key players, spend time assessing the risks your business may face. Typical examples include:
• Financial perils,
• Information technology attacks or crashes,
• Weather-related disasters,
• Regulatory compliance debacles, and
• Supplier/customer relationship mishaps.
Because every business is different, you’ll likely need to add other risks distinctive to your company and industry.
Developing the program
Recognizing risks is only the first phase. To truly address threats under your ERM program, you’ll need to clarify what your company’s appetite and capacity for each risk are and develop a cohesive philosophy and plan for how they should be handled. Say you’re about to release a new product. The program would need to address risks such as:
• Potential liability,
• Protecting intellectual property,
• Shortage of raw materials,
• Lack of manufacturing capacity, and
• Safety regulation compliance.
Again, the key to success in the planning stage is conducting a detailed risk analysis of your business. Gather as much information as possible from each department and employee.
Depending on your company’s size, engage workers in brainstorming sessions and workshops to help you analyze how specific events could alter your company’s landscape. You may also want to designate an “ERM champion” in each department who will develop and administer the program.
Yes, just as medieval soldiers looked out from their battlements across field and forest to spot incoming dangers, you and your employees must maintain a constant gaze for developing risks. An ERM program, while an ambitious undertaking, can provide the structure for doing so. We can assist you in managing risks to your business in a financially sound manner.