what are the four reasons that often drive the need to implement ERM? Briefly de
ID: 350437 • Letter: W
Question
what are the four reasons that often drive the need to implement ERM? Briefly describe each one. Using the brief Jetblue case study in the text, which of the above four reasons should have driven them to improve their approach to risk? Be specific and support your answer. Referring to the GM case study, which of the above four reasons did they fail to consider that led them into the situation they now faced? Be specific and support your answer. According to the text, ERM has contributed seven factors to better manage risk. Briefly describe each one and how it brings value to the risk management effort. By Day 7 Submit your 2- to 4-page paper (not including the title and reference pages). Be sure to adhere to APA guidelines for font type and size and spacing within the paper.
Explanation / Answer
Enterprise risk management assists management with the alignment of risk appetite and corporate strategy, improves the process for risk identification, measurement and management, enhances the ability to seize opportunities, and improves the deployment of capital.
There are many good answers to the first question including: Improved regulator, investor and rating agency confidence
· Enhanced corporate governance: ERM and Governance, Risk
· and Compliance (GRC) are inextricably linked Improved ability to respond to changing business demands
· Ability to evaluate the likelihood and impact of major risks
· Provides an integrated as opposed to silo approach
· Promotes an open, positive, risk-aware culture
Obtain Board and Senior Management Support and Involvement The tone for the company’s risk culture is set by the board of directors (board) and senior management whose buy-in, involvement and ongoing support is critical to the success or the ERM effort.
The board and senior management should:
Determine overall business strategy and objectives
· Make resources available
· Establish target dates
· Communicate their support for and importance of the ERM effort
· And their desire for enhanced risk awareness throughout the company
Appoint a Strong ERM Leader
Although ultimate responsibility for risk management resides with the board, it is essential to identify a strong leader to head the initial ERM project to ensure its requirements are being executed and to ensure the acceptance and success of the initiative.
It is usually best to appoint an internal person such as the Chief Risk Officer. If such a role does not exist then another typical choice is the Chief Audit Officer or Chief Financial Officer. The chosen leader may not be the person to head ERM in the long term, but will be responsible for laying the foundation, garnering involvement and acceptance, and moving the initiative to the next level.
It is essential for the ERM leader to have sufficient stature and authority, be a member of senior management with an understanding of the company’s structure and risks, and to be viewed as a peer by fellow senior managers.
Typical qualities of an ERM leader include:
Broad understanding of the business and its core strategies
· Strong working relationships with the board, executive management and senior management
· Broad understanding of the company’s business and its core strategies
· Knowledge of the company’s risks
· Credibility and respect across the company
Establish a Risk Committee
The committee should be comprised not only of “C-suite” executives but also key business line managers and representatives to ensure that:
There is visible top-down support from senior management and bottom-up buy-in from the
· Business lines risk management efforts are being embedded into the company’s core business activities
· Objectives, risks and controls are discussed from multiple perspectives to increase awareness
· And understanding of their impact on the company (e.g. something that is thought of as a high risk to a line manager might only be considered a medium or low risk from an overall company perspective) several sought-after benefits and mile-stones are defined to help evaluate each step of the
Process
Risk Identification and Classification The company’s overall business strategy should be broken down into its components and each one examined to identify exposures to each major risk category (e.g. Credit, Market, Operational, Legal, Financial, IT). An assessment of existing risk mitigation techniques or monitoring activities should also be performed at this stage. The data required for this part of the exercise can be obtained through:
Risk Committee meetings
· Facilitated Workshops
· Interviews
· Surveys
With the JetBlue Airways experience, passengers enjoyed free amenities such as watching live satellite TV, listening to XM satellite radio, brand name snacks, coffee and drink. Passengers can also experience paperless ticketing, assigned seating with more legroom. These experiences have helped to streamline JetBlue’s business strategy as being the best customer service in the airline industry.
A basic problem was JetBlue’s communication system. The ice storm had left a large portion of the airline’s pilots and flight attendants far from where they needed to be to operate the planes, and JetBlue lacked the trained staff that was needed to find them and tell them where to go. Another problem was the reservation system; the system was so overwhelmed that customers were unable to get through to human agents to check on a flight.
Capital allocation routines following the introduction of a new risk management system, enterprise risk management (ERM). Based on an institutional framework and empirical evidence from multiple sources in a large UK insurance company, we evaluated the extent and nature of organisational change. ERM was seen as an external driver to the change in the existing routines, which in turn led to internal changes in new capital allocation routines. The change was extreme, which signifies that existing capital allocation routines were not strong enough to deal with ERM as a key driver of change.
Risks can impact an organisation in the short, medium and long term. These risks are related to operations, tactics and strategy, respectively. Strategy sets out the long-term aims of the organisation, and the strategic planning horizon for an organisation will typically be 3, 5 or more years. Tactics define how an organisation intends to achieve change. Therefore, tactical risks are typically associated with projects, mergers, acquisitions and product developments. Operations are the routine activities of the organization
Once the new hardware and software has been installed, the system will be vulnerable to operational risks, including computer breakdown, loss of data, virus attacks and operator errors. These operational risks may be very significant, and correct procedures will need to be designed and implemented to minimise potential disruption.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.