Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
ARiMI	
  –	
  Asia	
  Risk	
  Management	
  Ins0tute	
  
By MARC RONEZ
Chief Risk Strategist & Master Coach
Asia Risk Mana...
Agenda	
  for	
  this	
  Session	
  
Explore and discuss the ‘business case’ for integrating Business
Continuity Managemen...
3
Risks	
  &	
  Crises..	
  BCM	
  or	
  ERM	
  issues?	
  
Terrorism Diseases
Earthquake
Pollution
Bank run
SubprimeExplo...
Conflicts between ERM & BCM	
  
VS ERMBCM
­  SEPARATE often COMPETING Functions in Organizations
­  OVERLAPPING area of R...
Different Origins for ERM & BCM	
  
VS ERMBCM
≠
IT departments,
with the IT Disaster
Recovery program
Insurance
Buying / Ha...
66
Financial & Hazard
Expanding	
  the	
  scope	
  of	
  ERM	
  
Finance Losses
Operational Strategic
Protect & Sustain
Op...
BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 7
ERM
Manage Risks & Opportunities
Effectively to Ensure Achievement of
C...
RISK	
  	
  MANAGEMENT	
  
IT	
  DISASTER	
  RECOVERY	
  
FACILITIES	
  	
  MANAGEMENT	
  
SUPPLY	
  CHAIN	
  	
  MANAGEME...
BCM…
MAINTAIN KEY Business Operations
during challenging times
BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 9
CATALYST	
  for	
  the	
  ERM	
  &	
  BCM	
  ‘Explosion’!	
  
A continuous and constant stream of crises and corporate
fai...
1111
The	
  ERM	
  &	
  BCM	
  Explosion!	
  
Failures in managing risks effectively have triggered all
over the world, ef...
ERM	
  &	
  BCM	
  Best	
  Prac9ces	
  &	
  Standards	
  
BCM Standards
þ  ISO 22301:2012 - Societal
security – Business ...
 ERM	
  vs	
  BCM	
  Area	
  of	
  Focus	
  &	
  Objec9ves	
  
13
- +
Target
Performance
Expected
Potential
Losses
Expecte...
 ERM	
  vs	
  BCM	
  Area	
  of	
  Focus	
  &	
  Objec9ves	
  
14
- +
Target
Performance
Expected
Potential
Losses
Expecte...
BCM	
  perspec9ve:	
  How	
  to	
  Define	
  Business	
  
Con9nuity?	
  
¤ Business Continuity is defined in British Stand...
Components	
  of	
  BS	
  25999	
  Defini9on	
  of	
  Business	
  
Con9nuity	
  
Key components in the definition:
①  CAPAB...
Components	
  of	
  BS	
  25999	
  Defini9on	
  of	
  Business	
  
Con9nuity	
  
Key components in the definition:
①  CAPAB...
What	
  is	
  Business	
  Con9nuity	
  Management	
  then.	
  
¤ British Standard for BCM (BS 25999:2006) defines it as:
...
BCM	
  –	
  Business	
  Con9nuity	
  Management	
  Process...	
  
BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 19
1 - ...
BCM	
  process	
  –	
  Underlying	
  Focus	
  
1 – Key Activities & FUNCTIONS
4 – Identify & Assess THREATS
The
Trash
Bin
...
ERM	
  Perspec9ve:	
  How	
  to	
  Define	
  RISK?	
  
¤  Risk is defined in ISO 31000: 2009 as:
“.. the effect of uncerta...
Components	
  of	
  ISO	
  31000	
  Defini9on	
  of	
  Risk	
  
Key components in the definition:
①  OBJECTIVES
②  UNCERTAI...
Components	
  of	
  ISO	
  31000	
  Defini9on	
  of	
  Risk	
  
Key components in the definition:
①  OBJECTIVES
➜  Somethin...
ISO	
  31	
  000	
  Guide	
  -­‐	
  Risk	
  Management	
  Process	
  
3	
  –	
  Risk	
  Assessment	
  
2	
  -­‐	
  Establi...
ISO	
  31000	
  –	
  GUIDE	
  for	
  Managing	
  Risk	
  
Principles Framework Process
2"–"Design"of"framework""
for"manag...
ERM	
  process	
  –	
  Underlying	
  Focus	
  
4 – Identify & Assess THREATS
Based on Likelihood & Impact
1 – Corporate OB...
27
In	
  SUMMARY:	
  Comparing	
  BCM	
  and	
  ERM	
  
BCM ERM
Primary Focus Key Functions (Processes &
resources)
Key Co...
Nega9ve consequences of the lack of
integration between ERM & BCM activities	
  
­ Unhealthy Competition for Management A...
BCM	
  is	
  a	
  NATURAL	
  part	
  of	
  an	
  ERM	
  framework..	
  
BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 2...
Pressure
Time
Potential Emerging Current Recovering
Life-­‐cycle	
  from	
  a	
  Risk	
  issue	
  to	
  a	
  Crisis	
  –	
...
Example: BP oil spill, Gulf of Mexico 2010
­ The catastrophe resulted in a loss of:
–  Direct Cost to BP: Over $20 billio...
Pressure
Time
Potential Emerging Current Recovering
From	
  Risk	
  issue	
  to	
  Crisis:	
  BP	
  Gulf	
  of	
  Mexico	
...
Impact	
  on	
  BP	
  share	
  price	
  /	
  market	
  capitaliza9on	
  
Gulf of
Mexico
Disaster
MTBE
Contamination
lawsui...
Pressure
Time
Potential Emerging Current Recovering
Life-­‐cycle	
  from	
  a	
  Risk	
  issue	
  to	
  a	
  Crisis	
  
Si...
Road	
  Map	
  to	
  Managing	
  Risk	
  &	
  Crisis:	
  The	
  steps	
  
35BCM vs ERM – Marc Ronez - Copyright @ ARiMI 20...
36
Pressure
Time
Potential Emerging Current Recovering
Road	
  Map	
  to	
  Managing	
  Risk,	
  Crisis	
  &	
  Change
Sig...
 Cover	
  all	
  the	
  bases!	
  
3
7
- +
Target
Performance
Expected
Potential
Losses
Expected
Potential
Opportunities
U...
Road	
  Map	
  to	
  Managing	
  Risk	
  &	
  Crisis:	
  The	
  Solu9ons	
  
BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2...
How	
  ERM	
  &	
  BCM	
  can	
  add	
  value	
  to	
  each	
  other?	
  
BCM can provide ERM with:
þ  A better understan...
What	
  is	
  preven9ng	
  effec9ve	
  coordina9on	
  &	
  
integra9on	
  between	
  ERM	
  &	
  BCM?	
  
­ Obstacle type ...
In	
  conclusion:	
  Three	
  Models	
  for	
  ERM	
  and	
  BCM	
  in	
  a	
  
organiza9on	
  
There are three different ...
Marc	
  Ronez	
  -­‐	
  Chief	
  Risk	
  Strategist	
  &	
  
Knowledge	
  Leader	
  at	
  ARiMI	
  -­‐	
  Asia	
  Risk	
  ...
Risk	
  Management	
  is	
  a	
  con/nuous	
  journey,	
  not	
  a	
  
des/na/on!	
  
BCM vs ERM – Marc Ronez - Copyright ...
 ARiMI	
  –	
  Asia	
  Risk	
  Management	
  Ins9tute	
  
BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 44
ARiMI	
  is	
  an	
  applied	
  research	
  and	
  business	
  studies	
  ins0tute	
  that	
  
was	
  set	
  up	
  in	
  2...
 	
  	
  ARiMI	
  -­‐	
  Focus	
  and	
  Exper9se	
  
● Crisis management &
Business Continuity
● Leadership risk decision...
47
For more information on ARiMI,
check our website at:
www.arimi.org
BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
Important Note: Please note that that this presentation and its
contents, is the intellectual property of the Asia Risk Ma...
Upcoming SlideShare
Loading in …5
×

BCM vs ERM: The Business Case for Integration..

8,717 views

Published on

Marc explores and discusses the ‘business case’ for integrating Business Continuity Management (BCM) & Enterprise Risk Management (ERM).

Published in: Business

BCM vs ERM: The Business Case for Integration..

  1. 1. ARiMI  –  Asia  Risk  Management  Ins0tute   By MARC RONEZ Chief Risk Strategist & Master Coach Asia Risk Management Institute NOTES   BCM  vs  ERM The  Business  Case  for  Integra9ng  Business  Con9nuity  &   Enterprise  Risk  Management Business Continuity Management Award 2013, 24 January 2013
  2. 2. Agenda  for  this  Session   Explore and discuss the ‘business case’ for integrating Business Continuity Management (BCM) & Enterprise Risk Management (ERM). þ  Conflicts & Competition between ERM & BCM functions þ  Comparing the ERM & BCM Frameworks, Process & Practices þ  Convergence of the ERM of BCM agendas þ  Understanding the life-cycle from Risk Issues to Business Disruptions & Crises þ  Strengthening Value Creation & Sustainability by Integrating BCM & ERM BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 2
  3. 3. 3 Risks  &  Crises..  BCM  or  ERM  issues?   Terrorism Diseases Earthquake Pollution Bank run SubprimeExplosion NGO Attack Lawsuits BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
  4. 4. Conflicts between ERM & BCM   VS ERMBCM ­  SEPARATE often COMPETING Functions in Organizations ­  OVERLAPPING area of Responsibilities ­  Different OBJECTIVES, Focus & METHODOLOGICAL Approaches BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 4
  5. 5. Different Origins for ERM & BCM   VS ERMBCM ≠ IT departments, with the IT Disaster Recovery program Insurance Buying / Hazard Risk Mgt Both ERM & BCM have seen Tremendous SCOPE expansion and methodological development BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 5
  6. 6. 66 Financial & Hazard Expanding  the  scope  of  ERM   Finance Losses Operational Strategic Protect & Sustain Operations Create Value with effective Risk-taking & ManagementScope increase ➜  From Value PROTECTION to Value CREATION expanding to all risk domains BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
  7. 7. BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 7 ERM Manage Risks & Opportunities Effectively to Ensure Achievement of Corporate Objectives
  8. 8. RISK    MANAGEMENT   IT  DISASTER  RECOVERY   FACILITIES    MANAGEMENT   SUPPLY  CHAIN    MANAGEMENT   QUALITY    MANAGEMENT   HEALTH  &  SAFETY   KNOWLEDGE    MANAGEMENT   EMERGENCY    MANAGEMENT   SECURITY   CRISIS  COMMUNICATIONS  &  PR   BCM - Business Continuity Management Expanding  the  scope  of  BCM   BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 8 ➜  From RECOVERY to CONTINUITY and from IT Processes to ALL Operations & Business processes
  9. 9. BCM… MAINTAIN KEY Business Operations during challenging times BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 9
  10. 10. CATALYST  for  the  ERM  &  BCM  ‘Explosion’!   A continuous and constant stream of crises and corporate failures over the past 10-15 years have created a strong momentum for Risk, Crisis & Business management concepts. 9/11 Fukushima BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 10
  11. 11. 1111 The  ERM  &  BCM  Explosion!   Failures in managing risks effectively have triggered all over the world, efforts by: ¤ regulators, ¤ rating agencies, ¤ stock exchanges, ¤ institutional investors ¤ and corporate governance oversight bodies … insist that company senior management take greater responsibility for managing proactively risks and critical disruption on an enterprise-wide scale. BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
  12. 12. ERM  &  BCM  Best  Prac9ces  &  Standards   BCM Standards þ  ISO 22301:2012 - Societal security – Business continuity management systems (International) þ  BS 25999:2007 - Business Continuity Management (BSI/ UK) 1 Code of Practice & 2 Specification þ  SS540:2008 - BCM Framework & Technical Reference (Singapore) þ  NFPA1600 - Standard on Disaster/Emergency Management and Business Continuity Programs (ANSI/ US) BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 12 ERM Standards þ  ISO 31000:2009 - Risk Management Guideline (International) þ  COSO:2004 - Integrated ERM Framework (US) þ  AS/NZS 4360:2004 - Risk Management Standard (Australia/NZ) þ  HM Treasury’s Orange Book: 2004 – Management of Risk (UK) þ  Rating Agencies Frameworks (S&P, Moodys)
  13. 13.  ERM  vs  BCM  Area  of  Focus  &  Objec9ves   13 - + Target Performance Expected Potential Losses Expected Potential Opportunities Unexpected Catastrophic Losses Transformational Blue swans BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 Catastrophic Losses Black swans Unexpected Opportunities LOSS GAIN Risk Can Lead to either Negative or Positive impact depending how it is managed..
  14. 14.  ERM  vs  BCM  Area  of  Focus  &  Objec9ves   14 - + Target Performance Expected Potential Losses Expected Potential Opportunities Unexpected Catastrophic Losses Transformational Blue swans BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 Catastrophic Losses Black swans Unexpected Opportunities ERM  –  Create  Shared  Sustainable  Value   BCM  –  Ensure  Business   Con9nuity  &  Societal   Security     LOSS GAIN
  15. 15. BCM  perspec9ve:  How  to  Define  Business   Con9nuity?   ¤ Business Continuity is defined in British Standard for BCM (BS 25999:2006) as: “.. The capability of an organization to plan for and respond to business interruptions in order to continue business operations at an acceptable pre-defined level”. How to understand this definition? BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 15
  16. 16. Components  of  BS  25999  Defini9on  of  Business   Con9nuity   Key components in the definition: ①  CAPABILITY to PLAN & RESPOND ②  To BUSINESS INTERRUPTION Events ③  To MAINTAIN KEY Business Operations BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 16
  17. 17. Components  of  BS  25999  Defini9on  of  Business   Con9nuity   Key components in the definition: ①  CAPABILITY to PLAN & RESPOND ➜  Planning & building readiness is essential ②  To BUSINESS INTERRUPTION Events ➜  Focus on severe to critical threats ③  To MAINTAIN KEY Business Operations ➜  Focus on key processes and resources BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 17
  18. 18. What  is  Business  Con9nuity  Management  then.   ¤ British Standard for BCM (BS 25999:2006) defines it as: An “holistic management process that identifies potential threats to an organization and the impacts to business operations those threats, if realized, might cause, and which provides a framework for building organizational resilience with the capability for an effective response that safeguards the interests of its key stakeholders, reputation, brand and value-creating activities.” BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 18
  19. 19. BCM  –  Business  Con9nuity  Management  Process...   BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 19 1 - BCM Program Management 3 – DETERMINING BCM STRATEGIES 4 – DEVELOP & IMPLEMENT BCM RESPONSE 5 – EXERCISE, MAINTAIN & REVIEW Delivering better RESULTS 2 – UNDERSTAND THE ORGANIZATION
  20. 20. BCM  process  –  Underlying  Focus   1 – Key Activities & FUNCTIONS 4 – Identify & Assess THREATS The Trash Bin 3 – SCREEN based On CRITICALITY Not critical? 6 – EXERCISING, Maintenance & Audit BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 20 5 – Design & Implement BCM Response 2 – Business IMPACT Analysis
  21. 21. ERM  Perspec9ve:  How  to  Define  RISK?   ¤  Risk is defined in ISO 31000: 2009 as: “.. the effect of uncertainty on objectives”. How to analyse this definition? BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 21
  22. 22. Components  of  ISO  31000  Defini9on  of  Risk   Key components in the definition: ①  OBJECTIVES ②  UNCERTAINTY EFFECTS ③  EXPOSURE to Uncertainty BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 22
  23. 23. Components  of  ISO  31000  Defini9on  of  Risk   Key components in the definition: ①  OBJECTIVES ➜  Something important you want to achieve ②  UNCERTAINTY EFFECTS ➜  Threats, Opportunities & Volatility. Can be the result of our actions and others internal/external factors ③  EXPOSURE to Uncertainty ➜  (Your objectives and the processes and resources that support them) BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 23
  24. 24. ISO  31  000  Guide  -­‐  Risk  Management  Process   3  –  Risk  Assessment   2  -­‐  Establish  the  Context   3.2  Risk  Analysis   5  –  Monitoring  &     Review   1  –     Communica9on   &  Consulta9on   3.1  Risk  Iden9fica9on   4  -­‐  Risk  Treatment   3.3  Risk  Evalua9on   Managers can optimize the tradeoff between Risk and Return.. while consistently and systematically, and ensuring the timely communication of risk related information across the enterprise in a transparent manner. …by identifying, assessing and assigning ownership, taking actions to mitigate or anticipate risks, and monitoring & reviewing progress BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 24
  25. 25. ISO  31000  –  GUIDE  for  Managing  Risk   Principles Framework Process 2"–"Design"of"framework"" for"managing" •  Understanding+organiza.on+ •  Risk+Management+policy+ •  Integra.on+into+organiza.on+ •  Accountability+ •  Resources+ •  Establish+Internal/External+ Context+ 1"–"Mandate"&" Commitment" 5"–"Con8nual"improvement" of"the"framework" 3"–"Implemen8ng"Risk" Management" •  Implemen.ng+the+Framework+ •  Implemen.ng+the+Risk+ Management+Process+ 4"–"Monitoring"&"Review"of"the" Framework" 3"–"Risk"Assessment" 2"."Establish"the"Context" 3.2"Risk"Analysis" 5"–"Monitoring"&"" Review" 1"–"" CommunicaCon" &"ConsultaCon" 3.1"Risk"IdenCficaCon" 4"."Risk"Treatment" 3.3"Risk"EvaluaCon" ! 1)!creates!value.! 2)!is!an!integral!part!of!organiza6onal! processes.!! 3)!is!part!of!decision!making.!! 4)!explicitly!addresses!uncertainty.!! 5)!is!systema6c,!structured!and!6mely.!! 6)!is!based!on!the!best!available! informa6on.!! 7)!is!tailored.!! 8)!takes!human!and!cultural!factors!into! account.!! 9)!is!transparent!and!inclusive.!! 10)!is!dynamic,!itera6ve!and!responsive! to!change.!! 11)!facilitates!con6nual!improvement!and! enhancement!of!the!organiza6on.!! ! ERM is the System, Methodology & processes used by organizations to takes risk in a controlled manner so that the business is viable for a longer term (SUSTAINABILITY) while meeting the expectations of the stakeholders by CREATING SHARED VALUE in line with Corporate OBJECTIVES. BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 25
  26. 26. ERM  process  –  Underlying  Focus   4 – Identify & Assess THREATS Based on Likelihood & Impact 1 – Corporate OBJECTIVES & Risk APPETITE The Trash Bin 3 – SCREEN based on LIKELIHOOD × IMPACT Low Priority 9 - Review & MONITORING (KRIs) BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 26 8 – Design & Implement ERM Controls
  27. 27. 27 In  SUMMARY:  Comparing  BCM  and  ERM   BCM ERM Primary Focus Key Functions (Processes & resources) Key Corporate Objectives & Risk Appetite Protected Areas Balance sheet & reputation P&L, Cash flows & Market Capitalization Operational Objectives Ensure Crisis & Business Continuity preparedness (Exercising, testing) Risk awareness & cost of risk control. Continuous process improvement, effective risk decision-making Time Horizon of Assessment Medium to long-term Short to Medium Critical Dimension of Risk focus The Business IMPACT The LIKELIHOOD Type of Loss Exposure under watch Severe to Catastrophic (High Impact) with medium to low frequency business interruptions Expected Losses: High to medium frequency loss events with medium to severe impact Strategic Objectives Ensure Continuity of Critical Operations Ensure Achievement of Corporate Objectives BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
  28. 28. Nega9ve consequences of the lack of integration between ERM & BCM activities   ­ Unhealthy Competition for Management Attention & Resources ­ Double works & Uncoordinated/independent efforts to deal with the same risk issues ­ Resulting in waste and inefficiencies (increased expenses, both programs are expensive & wrong focus) ­ Increasing risk of critical failure to management risk and ensure business sustainability BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 28
  29. 29. BCM  is  a  NATURAL  part  of  an  ERM  framework..   BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 29 You  could  see  Business  Con9nuity  Management   (BCM)  as…       Part  of  the  management  RESPONSE  to  an  important   risk  issue…      taking  its  place  during  the  Treatment  phase  alongside   with  risk  Preven9on  &  Transfer.  
  30. 30. Pressure Time Potential Emerging Current Recovering Life-­‐cycle  from  a  Risk  issue  to  a  Crisis  –  4  phases   Media Coverage & amplification Signal CRISIS Incident OR Signal Issues Signal BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 30
  31. 31. Example: BP oil spill, Gulf of Mexico 2010 ­ The catastrophe resulted in a loss of: –  Direct Cost to BP: Over $20 billion –  Market capitalization loss. i.e. cost to shareholders: $87 billion ¤ BP explosion and oil spill could have been prevented with additional spending of $7 - $12 million on safety controls BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 31
  32. 32. Pressure Time Potential Emerging Current Recovering From  Risk  issue  to  Crisis:  BP  Gulf  of  Mexico  2010   Media Coverage & amplification Signal CRISIS Issues Signal Opportunity to influence Difficult to influence Maintenance equipment Reports Problems Drop from news Enormous cost & damage to reputation Incident OR Signal Explosion Stop the leak & cleaning BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 32 Emergency evacuation & protection Media onslaught
  33. 33. Impact  on  BP  share  price  /  market  capitaliza9on   Gulf of Mexico Disaster MTBE Contamination lawsuits $243 Billions $90 Billions Enormous Shareholder Value Loss BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 33
  34. 34. Pressure Time Potential Emerging Current Recovering Life-­‐cycle  from  a  Risk  issue  to  a  Crisis   Signal CRISIS Incident OR Signal Issues Signal Opportunity to influence Difficult to influence BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 34 Time for ACTION REACTION Too Late!
  35. 35. Road  Map  to  Managing  Risk  &  Crisis:  The  steps   35BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
  36. 36. 36 Pressure Time Potential Emerging Current Recovering Road  Map  to  Managing  Risk,  Crisis  &  Change Signal CRISIS Incident OR Signal Issues Signal Opportunity to influence Difficult to influence Media Coverage & amplification BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
  37. 37.  Cover  all  the  bases!   3 7 - + Target Performance Expected Potential Losses Expected Potential Opportunities Unexpected Catastrophic Losses Transformational Blue swans BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 Catastrophic Losses Black swans Unexpected Opportunities LOSS GAIN Shareholders  and   Management  are  typically   concerned  with  variability   below  &  above  the  target   You  should  also    be   looking  out  for   cri9cal  NEW   Changes  in  the  Biz   environment   Organisa9ons  should   also    be  concerned  with   catastrophic  risks  &  the   risk  of  Insolvency  
  38. 38. Road  Map  to  Managing  Risk  &  Crisis:  The  Solu9ons   BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 38
  39. 39. How  ERM  &  BCM  can  add  value  to  each  other?   BCM can provide ERM with: þ  A better understanding of the critical activities (processes) and the infrastructure & resources that support these with the BIA þ  A stronger focus on exercising and testing the risk mitigation framework þ  Promotes a better understanding communication dependency between critical functions ERM can provide BCM with: þ  A broader view of risk issues þ  A better definition of Corporate Objectives & understanding of Risk Appetite þ  Systematic approach of consistently and continuously monitoring and managing risk þ  A better view of any emerging threats and promotes cross functional communication of key threats BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 39
  40. 40. What  is  preven9ng  effec9ve  coordina9on  &   integra9on  between  ERM  &  BCM?   ­ Obstacle type 1: Resisting because of a cognitive difference of opinion about BCM & ERM mission, objectives, methodology & tools. ­ Obstacle type 2: Resistance due to emotional issues (Fears, ego, etc) ­ Obstacle type 3: Resistance due to Political or Personal issues ( Animosity, red tape, etc) BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 40
  41. 41. In  conclusion:  Three  Models  for  ERM  and  BCM  in  a   organiza9on   There are three different models for ERM & BCM in Organization: ­  STATUS QUO - is to maintain separate silos for both disciplines with different teams, reporting lines, methodologies, etc. þ  COORDINATION – by having a central management unit/ function coordinating for both BCM and ERM activities. þ  INTEGRATION – by integrating BCM functionally & methodologically into the ERM framework. ­  Unfortunately, the STATUS QUO model is what many organizations are doing today. It is more than time for change! BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 41
  42. 42. Marc  Ronez  -­‐  Chief  Risk  Strategist  &   Knowledge  Leader  at  ARiMI  -­‐  Asia  Risk   Management  Ins9tute   An ERM & Governance expert with 20 years of experience both as a practitioner & trainer for large MNCs, Governments & Charities. Marc has an MBA from the University of Chicago GSB, an MSc in Insurance & a LLM from the University of La Sorbonne What do I do? Help managers & leaders to use Risk Management to: þ  Resolve difficult operational and business challenges þ  Take & manage risks effectively to build sustainable & profitable growth models BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 Marc’s specific areas of expertise include ERM, risk decision-making processes, corporate governance, Business Ethics, Social Responsibility, risk-aware culture, risk communication and crisis management, business model/Strategy Risk Management, corporate learning systems development. 42
  43. 43. Risk  Management  is  a  con/nuous  journey,  not  a   des/na/on!   BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 Marc Ronez is on Linked in & WordPress You can find his profile & read his blogs at: P: sg.linkedin.com/pub/marc-ronez/1/3b6/465/ B: theriskmanagementparadox.com B: riskmanagementdemystified.com 43
  44. 44.  ARiMI  –  Asia  Risk  Management  Ins9tute   BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 44
  45. 45. ARiMI  is  an  applied  research  and  business  studies  ins0tute  that   was  set  up  in  2003  (in  partnership  with  NUS)  and  has  established   itself  as  the  Ins0tute  of  Reference  for  Enterprise  Risk  Management   studies  in  Singapore  and  in  the  region.       We  FOCUS  on  programs:     1.  For  Decision-­‐Makers  (Middle  to  Top  Management):   Developing  PRACTICAL  Knowledge  &  Skills  in  Risk  &  Crisis   Management   2.  For  Organiza9ons:  Building  CAPABILITIES  for  Sustainable   and  Profitable  Growth  by  EMBEDDING  Risk  Aware  &  Crisis   Readiness  Culture   ARiMI,  Asia  Risk  Management  Ins9tute     BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 45
  46. 46.      ARiMI  -­‐  Focus  and  Exper9se   ● Crisis management & Business Continuity ● Leadership risk decision- making and Social Capital ● Reputational Risk & stakeholders management ● Corporate governance & business ethics Research ● Professional Designation Programs CERM (Certified Enterprise Risk Manager), CPRM (Certified Professional Risk Manager), ARM (Associate in Risk Management), FSRM (Fellow in Strategic Risk Management) ● Public Seminars and Workshops ● Corporate Training & learning Programs Education ● Risks & Opportunities Assessment & Mapping ● Crisis & Business Continuity Mgt ● Reputation Risk Mgt & CSR (Corporate Social Responsibility) ● Fraud Risk Mgt ● Risk Appetite & Risk Aware Culture Readiness ● Project risk management ● Risk Champions MasterClass Expertise BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013 46
  47. 47. 47 For more information on ARiMI, check our website at: www.arimi.org BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013
  48. 48. Important Note: Please note that that this presentation and its contents, is the intellectual property of the Asia Risk Management Institute Pte Ltd. It has been prepared for this BCM Award session and it cannot be used for any other purposes without the specific written consent of the Asia Risk Management Institute. 48BCM vs ERM – Marc Ronez - Copyright @ ARiMI 2013

×