There’s some good material in KPMG’s Enterprise Risk Management Benchmarking Study, subtitled Evolving to an active, integrated and agile approach amidst change and disruption.
Here are some excerpts, with my comments, in the order in which they appear in the report.
- Companies are rightly questioning the strength of their ERM programs in the face of rapid change, competitive disruption, an unrelenting news-cycle, and a global crisis in trust. Unfortunately, this questioning may come after a major risk incident for an organization, when vulnerabilities become apparent. Despite seismic shifts in the environment and a critical need for risk agility, the evolution of ERM is slow.
Comment: While it is important for organizations to “question the strength of ERM”, they should start with questioning why they have a program in the first place. No significant progress is going to be made unless and until organizations realize they are not in the business of managing risk; they are in the business of managing the business for success, which means achieving their objectives. Then they should question hot ERM is supposed to help that, and the answer is that it should provide actionable information about what might happen so they can make the intelligent and informed decisions necessary for success.
Evolution is…
