An enterprise-wide view of the risks companies face is a strategic imperative that most companies currently neglect, says Merle van Eeden, short term insurance specialist at Computer Sciences Corporation`s South African operations and an executive committee member of the Institute of Risk Management South Africa .
"Too many companies address risk issues in operational silos," Van Eeden says. "This is short-sighted because the danger may be in the blind spots caused by the lack of an integrated view of operational activities or in areas not considered to be at risk."
Enterprise Risk Management (ERM) - which is a comprehensive, integrated approach to addressing corporate risk - is essential in identifying critical strategic and operational risks that affect enterprise value.
Van Eeden says ERM enables companies to take a holistic view of strategic, financial, operational and external risks and manage them. ERM espouses the view that risk has an upside as well as a downside. When the upside of risks is incorporated into the strategic assessment of a company, the benefits of an enterprise-wide approach to risk become clearer.
"Having a disciplined, integrated approach to identifying, evaluating and managing risks across the corporation is essential if management is to be assured that nothing has been overlooked. The involvement of employees in each part of the organisation will ensure that the less obvious risks are addressed."
Effective ERM is a process that applies across the enterprise, interwoven into existing management responsibilities. It responds to every conceivable type of risk that an organisation may face. Its ultimate goal is to maintain the profitability of an organisation for the benefit of all stakeholders.
The short-sighted view of corporate risk is that it involves only risks associated with accidental losses. Van Eeden says risks associated with customer loyalty, competitive threats and operational failures are high on the executive`s worry list, which is why a holistic view is essential. Often, reputation risk is overlooked and companies fail to manage their exposures by ignoring the effects of poor customer service and lack of quality control.
Regulatory bodies and investors are taking their responsibilities more seriously and are scrutinising companies` risk-management policies and procedures. In an increasing number of industries, boards of directors are required to review and report on the adequacy of risk-management processes in the organisations they administer.
Financial institutions, because they focus on the business of risk, are good examples of companies that can benefit from effective ERM. Their success depends on striking a balance between enhancing profits and managing risk, and potentially exploiting their security profile for competitive advantage. Van Eeden says the trend towards the effective practice of ERM is growing and there is an increasing awareness of its positive impact on the achievement of organisational objectives.
There is an understanding that ERM should form the link between an organisation`s operational activities and strategic objectives and that its techniques can enhance decisions made in the general management of the business.
To do this, companies need to establish an ERM framework and implementation plan encompassing the fundamentals, such as the objectives and scope of their ERM programme, the organisation`s overall objectives and the tools needed to manage the risk. The Code of Practice of the Institute of Risk Management provides guidance on how this may be done.
Van Eeden stresses that there is no `one-fits-all` framework to managing enterprise-wide risk. Risks that affect an enterprise`s value vary by industry and from company to company. Each company must understand its specific risk profile and develop a strategy to manage that. The deciding factor is often the risk appetite of the board.
To effectively manage risk, executives must have a comprehensive view of their company`s risk profile and allocate resources accordingly. With clear goals, a defined strategy and recognised improvement opportunities, companies can address these risks.
"Implementing ERM helps organisations align risk appetite and organisational strategy, and links growth, risk and return. It should be seen as a tool that enhances decisions made in the risk management process.
"But, best of all, it helps reduce operational surprises and helps provide integrated responses to multiple risks," Van Eeden says.
Share
CSC offers the South African market a wide range of services, including systems integration, application and infrastructure outsourcing, and business process outsourcing, as well as customer relationship management (CRM) and healthcare and financial services solutions.
In South Africa, CSC also provides Business Process Outsourcing (BPO) services to manage the policy processing and administration for its U.S. and UK financial services customers, which include life and pensions providers, short-term insurance and banking.
A leading IT services provider, CSC adds value through its collaborative approach to delivering fast, reliable and flexible solutions. CSC opened its doors in South Africa in November 1999 and today has offices in Johannesburg, Cape Town and Richards Bay. For more information, contact (021) 529 6500 or (011) 686 5400.
CSC
Founded in 1959, Computer Sciences Corporation is a leading global IT services company. CSC`s mission is to provide customers in industry and government with solutions crafted to meet their specific challenges and enable them to profit from the advanced use of technology.
With approximately 91 000 employees, CSC provides innovative solutions for customers around the world by applying leading technologies and CSC`s own advanced capabilities. These include systems design and integration; IT and business process outsourcing; applications software development; Web and application hosting; and management consulting. Headquartered in El Segundo, Calif., CSC reported revenue of $15.3 billion for the 12 months ended Oct. 1, 2004. For more information, visit the company`s Web site at www.csc.com.
Editorial contacts