Too Much Logic

Someone recently told RISKVIEWS that before a company could start a project to revitalize their risk governance structures they MUST update their Risk Appetite and Tolerance.  Because everything in an ERM program flows from Risk Appetite and Tolerance.  That suggestion is likely to be too much logic to succeed.

What many organizations have found is that if they are not ready to update their Risk Appetite and Tolerance, there are two likely outcomes of an update project:

  1. The update project will never be completed.
  2. The update project will be completed but the organization will ignore the updated Risk Appetite and Tolerance.

An organization will make a change when the pain of continuing on the existing course exceeds the pain of change.  (paraphrased from Edgar Shein)

So if an organization is not yet thoroughly dissatisfied with their current Risk Appetite and Tolerance, then they are not likely to change.

So you can think of the ERM program as the combination of several subsystems:

  • Governance – the people who have ERM responsibilities and their organizational positions – all the way up to the board.
  • Measurement – the models and other methods used to measure risk
  • Selection, Mitigation and Control – the processes that make up the every day activities of ERM
  • Capital Management – the processes that control aggregate risk including the ORSA.
  • Risk Reward Management – the processes that relate risk to prices and profits

When management of an organization is dissatisfied enough with any one of these sub systems, then they should undertake to revise/replace/improve those sub systems.

These sub systems are highly interconnected, so an improvement to one sub system is likely to increase dissatisfaction with another sub system.

For example, if the Governance sub system is not working.  People are not fulfilling their ERM related responsibilities which they may not really understand.  When this subsystem is set right,  people are aware of their ERM responsibilities and then they find out that some of the other sub systems do not provide sufficient support for them.  They get dissatisfied and urge an upgrade to another sub system.  And so on.

This might well result in a very different order for updating an ERM program than the logical order.

However, if the update follows the wave of dissatisfaction, the changes are much more likely to be fully adopted into ongoing company practice and to be effective.

WaveBy Malene Thyssen – Own work, CC BY-SA 3.0,https://commons.wikimedia.org/w/index.php?curid=651071
Advertisements
Explore posts in the same categories: Change Risk, Enterprise Risk Management, Risk Appetite

Tags: ,

You can comment below, or link to this permanent URL from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: