BRYAN'S BLOG

Stratriskising

Thank you, thank you, thank you to everyone who responded to my survey last week on the topics of most interest to you for me to blog about and the type of training you may be seeking. You can give your feedback here (which I would appreciate as the interest is broad and I am keen on firming up the front runners).

Today I’m starting from the top. The topic requested was “How to build an enterprise risk management strategy.” After all, it all flows from there. Building an enterprise risk management strategy, stratriskising ☺, is something I am increasingly being asked to help with. Who am I working with? The Executive Leadership Team (ELT) with the blessing of the CRO or Head of Risk. There is your first clue, a successful ERM Strategy must have the firm endorsement and support of the ELT. Every one of them!

My approach is to review the current state of affairs and interview the ELT, Chair of Board, Chair of Audit and/or Risk Committee and ask them about the value the current program is delivering personally for them and what they would like from a revamped strategy.

I then run a stratriskising workshop. I paint the ELT a picture of what ERM (done well) will deliver for them and ask them if they see any gaps. Clue number two. The ELT must be able to envision the mission and understand that the gaps will need to be traversed.

Next, based on my years of experience and listening to the views of so many of you that have participated in many of my webinars or attended the RMIA ERM course I run monthly, I put options to the ELT on how the end-goal could be achieved. I’ll talk about the core options for the model to be implemented such as the Three Lines Model, Risk Champions Model or a Tri-Partite Model. We’ll discuss where the function is positioned in the organisation, the level of resources required, systems and the all-important risk reporting options.

Clue number three, I let the ELT choose based on the pros and cons of each. At the end of the workshop you have your strategy which requires documenting and the development of an implementation plan. Simple!