3 Ways to Up-Level Your ERM Strategy

The Resilient Enterprise | The riskmethods Blog
buoy-lifesaver-life-preserver-float-boat-ocean

Enterprise risk management is an emerging field, and something that many organizations—even large organizations—are still trying to get a grip on. Whether ERM duties roll up to the CEO, CFO, CRO (Chief Risk Officer) or an external consultant, here are 3 top ways you can improve your company’s ERM efforts.

by Heiko Schwarz

#1: Be Proactive Instead of Reactive

Make your ERM strategies proactive instead of reactive. Risk management processes shouldn't just include identifying risk when it occurs—they should also include using predictive insights to understand what types of indicators might suggest that a risk event is going to occur in the first place.

Let's take a look at financial risk. Admittedly, no company is going to call you in advance to give you a heads-up that they’re about to declare bankruptcy...but this doesn't mean it's impossible to predict. It just means that you have to do your own homework, and you have to know what to look for. In our experience at riskmethods, we’ve found that there’s a combination of signals that often occurs before a company files for bankruptcy. For example, is a CFO stepping down? Is a major shift in the structure of the company occurring? Are shareholders selling or transferring shares? Are there employee strikes or product recalls? These kinds of things don’t happen for no reason. So if you get news that this kind of change is in the works, here’s my advice: Take notice, and understand what ramifications it might have on your own company if this partner becomes financially unstable.

action-plan-notebook

#2: Move Beyond Descriptive Approaches to Risk

One of the biggest problems with ERM programs is that they’re mostly descriptive, and therefore don’t provide actionable operational guidance and workflow to support stakeholders in actively mitigating risk. It's not enough to know what your risk is and what its impact is; you have to make sure that you have a plan in place to address it. In the case of supplier risk, for example, an action plan might identify an alternative source of supply and define the stakeholders responsible for securing it.

In addition to having the plans in the first place, you also have to make sure they're documented and accessible by the relevant parties. If your action plans exist but no one knows where they are or who's involved in them, they're not going to do any good. This is where a centralized, automated system becomes important. With the right foresight and the right tools, it's possible to create effective action plans and then clearly document these plans so that everyone knows what should be done and who should be doing it when a risk event occurs.

#3: Harness Technology to Identify Risk and Automate Action

If you’re paying attention, you should be asking yourself two questions right now: “All well and good, but how am I supposed to identify predictive insights? And what's the most efficient way make sure stakeholders have centralized access to risk action plans?”

Glad you asked. The answer to both questions is the same: Technology.

No, it’s obviously not realistic to manually monitor everything that's going on in all your business partners' companies. And it's not efficient to have uncoordinated approaches to risk that don't define actions and stakeholders. This is where technology comes in. With the right tools in place—artificial intelligence trained to suss out predictive insights, tools specifically designed to document risk action plans—the job becomes not just realistic, but automatic.

Predictive insights. Documented mitigation plans. Technology. If you take these steps, you’re well on your way to reducing your total cost of risk.

heiko-schwarz-profil

Heiko Schwarz

Co-Founder and Managing Director

Heiko is the co-founder and managing director of riskmethods. Got questions about how supply chain risk is threatening your business? Drop us a line at om@riskmethods.net.

See How Supply Chain Risk Maps to the Risk Management Lifecycle

Identify, assess, mitigate. Learn how supply chain risk is incorporated into each phase of the risk management lifecycle.
Fill out form to download whitepaper

More from The Resilient Enterprise Blog

Get tips and tricks right in your inbox

Back to top