This article looks at the decade ahead and the outlook for enterprise risk management.
PA Consulting Group’s Ed Moorby gives his view on how companies can identify areas in which their programmes are lacking. Ed comments: “When firms come to examine the gaps in the ERM framework they will see common mistakes, such as the absence of a common database, a lack of reporting and executives who do not subject the risk information to a proper review.”
Ed describes reporting as too often the “Achilles heel” of an ERM framework, whereas it needs to be dynamic and free of any set format to deliver the flexibility needed.
Commenting on maturity models Ed says: “An assessment is carried out across all of the business units at least once a year, and you set the level of maturity appropriate to the organisation. Results on the company’s maturity of risk management are now reported at board level and pressure from the board to achieve targets helps to embed the process.”
Ed goes on to comment on the impact of the economic crisis on enterprise risk management, saying that stakeholders “have had their eyes opened by the crisis. The impetus behind ERM means that companies will invest, although they are likely to focus investment on areas that are of greatest concern” he suggests. “So they will priorities and strengthen their ERM framework over time, although it will be some years before we can expect to arrive at any ‘ERM’ nirvana’.”