The document advocates for the transition to an Enterprise Risk Management (ERM) model to enhance organizational value and performance amidst challenges such as regulatory pressures and evolving customer needs. It outlines the components of ERM, benefits including improved financial performance and competitive advantage, and emphasizes the importance of a proactive risk management approach. It concludes that implementing ERM requires a focus on strategic planning and the correct use of enabling tools rather than relying solely on software solutions.

1. Justifying the transition to an Enterprise
Risk Management (ERM) Model
for Senior Management

2. Introduction
• Enterprise Risk Management Overview
• Current Organizational Challenges
• Risk Restructuring / Future Vision
• Benefits of Change

3. Let’s talk Enterprise Risk Management (ERM)
• The underlying premise of ERM is that every entity exists to
provide value for its stakeholders.
• All entities face uncertainty and uncertainty presents both risk
and opportunity, with the potential to erode or enhance value.
• ERM enables management to effectively deal with uncertainty
and associated risk and opportunity, enhancing the capacity to
build value.

4. ERM is a Strategy, Tool & Culture
• Value is maximized when management sets strategy and
objectives to strike an optimal balance between growth and
return goals and related risks, and efficiently and effectively
deploys resources in pursuit of the entity’s objectives.
• ERM encompasses
• Aligning risk appetite and strategy
• Enhancing risk response decisions
• Reducing operational surprises and losses
• Identifying and managing multiple and cross-enterprise risks
• Seizing opportunities
• Improving deployment of capital

5. ERM Management Components
• ERM Management Components:
• Internal Environment
• Objective Setting
• Event Identification
• Risk Assessment
• Risk Response
• Control Activities
• Information and Communication
• Monitoring
• A coordinated and normalized ERM approach is geared towards achieving
improvement in the following areas:
• Strategic
• Operations
• Reporting
• Compliance

6. Changing Business Environment
• The ERM model supports changing business environments and
adapts to the following:
• Consolidation of legacy systems, data and operations.
• Increased Client & Customer needs.
• Increased regulations
• Cost pressure
• New digital and mobile channels have put demands on
businesses to adapt quickly and cheaply.
• Media highlighting operational failures and potential
exposures.

7. ERM Research
• Research on ERM mainly focused on the financial industry has
found the following:
• Better risk data management and reporting can increase a
firm’s ability to meet strategic goals while reducing earning
volatility and ultimately lead to improved profitability.1
• Firms with more mature risk management practices
outperform their peers financially.2
• Firms with mature risk management practices generate the
highest growth in revenue giving them a clear competitive
advantage.2
1 Harner, Michelle, Potential Cost and Value of ERM, The Conference Board, March 2013.
2 Ernst & Young, “Turning Risk into Results: How Leading Companies Use Risk Management to Fuel Better Performance,” February 2012.

8. ERM Research
• Firms with mature risk management generate the highest growth
in revenue among peers.
Figure. Ernst & Young, “Turning Risk into Results: How Leading Companies Use Risk Management to Fuel Better Performance,” February 2012. *2011 YTD reported as of
November 18, 2011.
EBITDA = Revenue – Expenses (excluding tax, interest, depreciation and amortization).
16.8%
20.3%
4.1%
8.3%
9.5%
2.5%
10.6%
7.4%
2.1%
Revenue
EBITDA
EBITDA/EV
Compound Annual Growth Rates 2004-2011* by Risk
Maturity Level
Top 20% Middle 60% Bottom 20%

9. Benefits of ERM
• Better financial performance among peers.
• Increased competitive advantage.
• Cost savings via risk reduction and improved decision making.
• Improved operational insights for Management into operational
risks and exposures.
• Improved risk management measures via consolidation, metrics,
administration and compliance.

10. Current Organizational Challenges
• Inconsistent approach to capture and assess risk across the
organization.
• Multiple and manual risk management processes.
• Risk related operations seems to be “reactive” not “proactive”.
• Inability to produce a consolidated risk portfolio for the
organization.
• Lack of centralization.
• No driving committee/coordinated effort to consolidate Risk
based operations.
• Lack of confidence that all risks are being identified and
maintained accordingly.

11. Sample of Risk Operations Consolidation & Restructuring

12. Future Vision – Risk Based Performance

13. Summary
• The move to an ERM model should be framed around improving
organizational performance, with a focus on strategic planning
and decision making.
• ERM can increase the scope or volume of data to be captured
maintained and analyzed as part a risk management program. A
value assessment should be done to ensure that data of value is
being captured for your objectives and duplication or non-valued
data eliminated.
• Always start with defining the program focusing on process,
procedures and people.
• Software is not a solution, it is an enabler and should only be
used where there is a clearly defined program that requires
support.

14. Contact Information
• Prepared by:
• ThinkGRC
• ThinkGRC.com
• thinkgrc@thinkgrc.com