We adopt a practical 3-step approach in the implementation of Enterprise Risk Management.
The main objective of this step is to create management’s awareness and obtain their support for the project. Some of our key activities here include:
- Assist the setting up of an ERM Team to champion this project. This ERM Team should preferably comprise the Company’s HODs or Senior Management Staff who will later on be facilitating the ERM implementation process in their respective functions. They will be trained on the ERM framework and methodology.
- Training staff and establishing practical understanding of the BRM Framework and Methodology so that ERM works at all levels in the company.
- Identifying the company’s strategic goals, value drivers and processes for the integration of ERM and obtaining management’s approval of the overall processes.
- Derive the Organization’s Risk Profile Looking at your Business Risk Universe “BRU” is a practical way for us to understand the company’s risks in all areas and levels of the business. A survey will be conducted to identify the key business risks from which the company’s risk profile is derived.
- Risk Evaluation, Response and Control Once the risk profile is obtained, risk evaluation is performed together with management in facilitated workshops to establish the severity and likelihood of impact before appropriate response and controls are decided and agreed upon.
- Implement ERM Management will then take ownership of the ERM framework and methodology for scheduled implementation organization-wide. This process can be facilitated as well as audited to check for effectiveness.
Communication and Implementation
When the Enterprise Risk Management is ready for implementation, management will communicate this to all staff. Periodic audits will also be put in place to provide a means for management to check the effectiveness of the ERM action plans. Continuous monitoring and improvement are also standard features that will be developed for you.