Chapter Eleven - Fifty Key Principles of Enterprise-Wide Risk Management
Published online by Cambridge University Press: 18 February 2020
Summary
Whereas Chapter 9 provided a methodology for the identification, interpretation and intervention of risk, this chapter will look at the critical success factors in the structuring and managing of an enterprise-wide risk management programme.
Quite clearly, a company needs more than just a consistent methodology to make risk management work. Risk management is after all a management function and requires a management framework in order to succeed. The 50 principles outlined here are grouped according to management activity, and create the context for an enterprise-wide risk management programme.
Most of the principles have been explained and explored in the previous sections in some form and will by now be familiar concepts. Some of the principles therefore will require little or no further explanation. Many of them are selfexplanatory. The commentary provided for each principle is by no means exhaustive on the subject ± just a few pertinent issues are raised.
A company that is committed to risk management will typically take 18±36 months to satisfy all the requirements offered in these 50 principles. A company that succeeds in integrating all of these principles has truly achieved the implementation of enterprise-wide risk management.
Strategic issues
Principle 1: One balance sheet, one risk strategy
There is one risk management strategy for the enterprise. Different risk management functions align their goals within the framework of one cohesive structured programme.
Because the enterprise has one balance sheet and one business strategy there should be one cohesive approach to managing risk. Although the differing functions of risk management often have to perform their functions discretely, the overarching business strategy should dictate the focus and theme of each function's risk strategy.
A strategic approach to risk should be assumed. Not only does the strategy of the enterprise bring with it a given risk profile, but also the assumption that risk can be used to gain strategic competitive advantage.
A strategic approach is needed because of the influence of change on an enterprise. Change affects all dimensions of an enterprise. The speed of business is accelerating, bringing with it new risk exposures. The influence of customer demand for quality has a profound effect on the exposures to the brand and reputation of the enterprise.
- Type
- Chapter
- Information
- A New Language of RiskA foundation for enterprise-wide risk management, pp. 215 - 238Publisher: University of South AfricaPrint publication year: 2002