Progressive Enterprise Risk Management

Techniques for Risk Measurement in Enterprise Risk Management (ERM)

• Techniques for Measuring Risk

• The need of quantitative risk assessment 
• Interviews That Are Structured

• Workshops on risks

• Expert analysis, or Delphi
• Fishbone analysis, or Ishikawa diagrams
• Analysis of failure mode and effect (FMEA)
• Planning scenarios
• Examination of the root cause
• Monte Carlo simulation
• Bayesian networks
• The benefits and drawbacks of each approach 
• Workshops on Risk
• The effectiveness of workshops
• Strategies for conducting effective risk workshops 
• Peer groups must be included.
• Putting together a risk workshop
• Techniques for Facilitation 

• Expert Analysis, or Delphi

• Obtaining agreement from professionals with various experiences and viewpoints
• Contrasting the views of knowledgeable professionals from various sectors 
• Using experts to determine acceptable risk, such as the ratio of total credit extended to available credit or the establishment of creditworthiness standards
• Operational illustration 

• Analysis of Ishikawa (Fishbone)

• Really useful for assessing risks with many sources
• Fishbone analysis steps 
• Identification of the problem
• Both primary and secondary reasons
• Setting Priority Criteria
• Creating a fishbone graphic
• Examining the result 

• Root Cause Analysis and Failure Mode

• Assessment of possible processes failure modes
• The expected impact on results and/or performance of the product 
• Risk-reduction strategies to get rid of, minimise, or manage possible failures
• Effect, likelihood, and identification standards
• Calculating the risk priority number, or RPN
• FMEA worked example 

• Planning Scenarios

• Why do recognised dangers tend to be too generalised? For example, losing important employees
• The need to assess many scenarios for every generic risk 
• The methods and elements of success 

Additional Risk Assessment Methods

• Analysis of Fault Trees

• Systematic approach to System Analysis 
• Investigates the system from the top down
• Used to look for possible issues
• Calculate your part in the unreliability of the system.
• Operational illustration

• Monte Carlo Models

• Mathematical method that enables risk to be taken into consideration while doing quantitative analysis and making decisions.
• Gives a variety of potential outcomes together with the likelihood that they will happen.
• Establishes a probability distribution
• The different distribution types
• Typical (bell curve)
• Consistent
• Triangle-shaped
• Applications for Monte Carlo Models
• Used to determine the cost of complex financial products
• To calculate the value at risk, or VAR
• Choosing whether to extend, reduce, or pause a project

• Bayesian Networks

• The Bayes theorem
• Adding extra information to a creative concept to improve decision-making
• Using Bayesian networks
• Will it be cloudy tomorrow?
• Going to the physician

• New Hazards

• The line separating one kind of danger from another is unclear.
• Emergent risks are often difficult to predict. 
• Early on, they are often high impact / low likelihood.
• Topics to think about
• Political
• Controlling
• Lawful
• Safety
• Technology
• Surroundings
• Understanding

• Crisis Handling

• The need of getting ready
• Planned press releases in advance
• Categories of crises
• The distinction between crisis management and emergencies

• Important Risk Indices (KRIs)

• The peels of bananas
• Recognising these beforehand
• Illustrations of KRIs
• Updated KRI guidelines
• How to create KRIs that work 

Advanced Problems with Enterprise Risk Management (ERM)

• The Challenges of the Risk Register

• Why it's common for the Enterprise Risk Management (ERM) approach to not include management 
• The risks listed are much too broad.
• Risks are confused with causes and consequences.
• The only remaining danger is focused on 
• There are several techniques for rating hazards.
• Benefits are hard to quantify
• The registration is based on a spreadsheet.
• The procedure is very intricate.
• The solution for the risk register 

• Success Strategies for Enterprise Risk Management (ERM)

• Assess your risk maturity using a risk assessment framework, and if necessary, create a strategy to increase it.
• Adopt the International Risk Standard (ISO31000) and implement the guidelines across the company. 
• Use a single risk matrix for the business; don't create separate ones for each function.
• Make sure you have a consistent vocabulary for risks and spread the word about them.
• Identifying risks might include a variety of situations, such as the loss of important persons (quantity, location, etc.).
• Establish insightful Key Risk Indicators (KRIs) to alert you before hazards occur.
• Create a tabular or graphical record of the Board's major risks.
• Realise that effective corporate governance depends on a grasp of risk.
• Organise an upper management workshop on reputation risk.

• Risk Tolerance and Appetite for Risk

• What does risk appetite mean?
• The distinction between tolerance and desire for risk 
• Establishing danger boundaries
• Risk assessment
• Creating statements on risk appetite
• Samples of remarks expressing a risk appetite

• Managing Enterprise Risk (ERM) and Making Decisions

• Enforce the submission of a comprehensive risk analysis for each significant proposal that is sent to the Board or senior management for consideration.
• Each year, align major risks with company goals.
• Make sure you overdeliver on your promises rather than the opposite.
• Invite the important members of your team to a risk workshop.
• Examine the biggest shocks and near-misses you had within the last 12 months.
• Realise that "it probably is" if anything seems too wonderful to be true.
• Prepare press releases ahead of time to address any potential emergencies.
• Ask all major executives to name three possibilities twice a year, then organise a high-level session to prioritise and debate them.
• Create a record of corporate opportunities.
• Provide unique rewards for the finest concepts that lower risk or take advantage of possibilities.
• Unless there is evidence of a clear financial or other major advantage, do not invest time and money on risk mitigation.
• Determine how much revenue is needed to compensate for every dollar, dirham, or riyal lost as a result of inadequate risk management, and utilise this multiplier as a business motivator. 

Additional Enterprise Risk Management (ERM) Aspects

• Enterprise Risk Management (ERM) and Assurance

• Making sure the functions of your assurance providers—such as internal audit, compliance, risk management, insurance, and security—are coordinated to prevent effort duplication 
• Why should your risk register include agreed-upon actions from internal audits?
• Make sure you treat environmental risk seriously, even if your industry is the financial services sector.
• Make sure your business continuity strategy is well tested and that it addresses all potential scenarios.
• Find innovative approaches to help the most disadvantaged members in the larger community you serve.
• Updated guidelines for coordinating assurance and RM 

• Motivating Your Employees to Take on Risk

• Make sure that your employees understand that risk management is a business process rather than a passing trend or the newest project.
• Make risk management a topic of discussion at staff meetings. 
• Realise that your staff members won't be motivated to manage risks unless doing so would benefit them.
• Don't assign the same management too many risks.
• Work with your management to finish as much of the risk programme as possible. Don't depend too much on consultants; take responsibility for the process.
• Recognise that management would often overstate the risk in order to get a plan approved (if you allow them)
• Realise that risk is the organization's lifeblood, and ensure that you have personnel to regularly take this pulse

• Project and Joint Venture Enterprise Risk Management (ERM)

• Early on in a project, identify the risks that are involved.
• Acknowledge that there is little chance the project will be completed on schedule, under budget, and with all of the stated goals. 
• Prioritise the three factors: time, money, or functionality. Determine which one you are ready to give up on first. 
• Before giving a contract, do risk workshops with the selected vendors or contractors.
• Before executives attend each partner meeting, provide them with a clear brief on the choices that may or may not be taken by them. 
• Demand that your executives provide written evaluations after each of these sessions.
• Establish a precise procedure for evaluating joint ventures and partnerships.
• Don't assume that just because a joint venture works well in year one, it will continue to work well in years two and beyond. 
• Request that your internal audit department participate in all important systems and projects at crucial junctures during the development process.
• Make sure every operation you outsource has a right to audit clause, and make use of that right. 

• The Golden Rules of Enterprise Risk Management (ERM) in Projects (with case studies)

• Include risk management from the beginning of the project.
• Detect hazards at the outset of the project 
• Spread the word about the dangers.
• Take into account both possibilities and threats.
• Give the dangers top priority.
• Examine the hazards thoroughly.
• Create and carry out risk mitigation strategies.