The development of an enterprise-wide risk management framework in an organisation / Adinda Louw

• Main Author: Louw, Adinda
• Published: North-West University 2009
• Online Access: http://hdl.handle.net/10394/1429

Enterprise-wide risk management (ERM) has over the past few years emerged as a widespread practice in organisations. It has been increasingly included in regulatory, corporate governance and organisational management blueprints. Making sense of all these developments is a big challenge. Contributing to this difficulty is today's challenging global economy, business opportunities and risks that are constantly changing. There is a constant need for identifying, assessing, managing and monitoring the organisation's business opportunities and risks in order for organisations to succeed. Risk management is a well-established philosophy; however, organisations are struggling to implement, embed and sustain a pragmatic ERM solution that is robust, adds value and creates a balance between cost and reward. In surveys done it was noted that ninety percent of executives are building or want to build an enterprise risk management process into their organisations, but only eleven percent report they have completed the implementation successfully. The question raised is thus, if ERM is widely known and executives are eager to build an ERM process into their organisations, why is ERM not successfully implemented, embedded and monitored in order to give the assurance to senior executives and all other stakeholders that all potentially significant business risks are identified and managed. In this study a practical nine-step ERM process is derived from various case studies and other information from publications, journals, arid articles. Key learnings from successful ERM implementations are also highlighted in order to assist other organisations to successfully implement, embed, and sustain a pragmatic and dynamic ERM process that enables better informed decisions, greater management consensus and increased management accountability. From all the case studies and other relevant information researched it is evident that every organisation follows different steps and phases to get to their ERM solution. No 'one size fits all' solution exists. A cookbook recipe for implementing ERM is not feasible as so much depends on the culture of the organisation and the change agents who lead the effort. The implementation of any new ERM process will have some or other disruptive effect due to the change management aspects. It is important to understand that the ERM process is a journey with no finite end. It is an interactive process and needs commitment from top management to succeed. All the organisations that have successfully implemented ERM had one common belief with regard to the implementation of ERM. They believed that ERM was creating, protecting and enhancing value by managing ERM. The key lessons learnt from the study are summarised in Key Success Factors (KSF) that are recommended for value adding ERM through effective implementation, embedding, monitoring and assurance over ERM. The successful implementation of ERM is not an easy task, but it is no longer a "nice to have". In today's challenging global economy, business opportunities and risks are constantly changing and therefore a dynamic and robust ERM process should be implemented to ensure effective management of risks. As proven the mismanagement of risks can carry an enormous price. === Thesis (M.B.A.)--North-West University, Vanderbijlpark Campus [i.e. Potchefstroom Campus], 2008.