OUR SERVICES
ENTERPRISE RISK MANAGEMENT
Why Enterprise Risk Management?
Enterprise Risk Management (ERM) is often perceived as a complex, inaccessible and annoying requirement imposed on organisations by regulators, to be kept up to date just to pacify auditors. This is contrary to the intent of ERM, where if properly designed and applied, can support organisations in building the cultures they desire and remain nimble enough to find the opportunities in the most uncertain of environments.
Users of ERM often have different drivers. This confuses the requirements of those who are actually managing the risks and imposes a bureaucratic burden on already busy people. The challenge therefore is to make Enterprise Risk Management simple enough so that it can be used throughout an organisation.
Different drivers for doing Risk Management:
Bottom up:
-
Keep people safe – health and safety driver
-
Maximise production
-
Environmental and Social (ESIA)
-
Deliver projects on time
Future:
-
Requirement from top for more information, of better quality, faster
-
Ability to balance risks
-
Move to integrated, Enterprise-wide risk management
Top down:
-
Reporting requirements
-
Compliance
-
(Traditionally) dominated by financial risk reporting
-
Balancing of portfolio risk
Future:
-
Anticipate larger focus on ESG
-
Clear stating of risk appetite and tolerance + longer term viability
-
Expectation by shareholders for faster reporting / awareness
-
Move to integrated, Enterprise-wide risk management
What is Enterprise Risk Management?
Simple, integrated, enterprise-wide risk management provides the mechanism through which all risks can be understood and balanced. Over the past 6 years, Satarla has utilised a simple 4-step risk management process to act as the translation tool between different risk management disciplines and through the different layers of organisational management including core employees and third party stakeholders.
This 4-step risk management process allows users to pose the question: “given the context in which I am operating and objectives I am trying to achieve, the risks I face and my ability to manage them, is it even possible for me to achieve my objectives?”. This simple question is the heart of risk management as it rapidly allows the user to move from the identification of risk to the management of risk.
Diagram of the 4-step Risk Management process
The iterative tool also enables users to make decisions rapidly and also better define the more detailed risk assessment tools, such as Extended Enterprise Network, Toolbox, Bowties, Risk Appetite and Tolerance and so on. These then help them fully understand the risks that they face and enable informed risk based decision making.
In summary, a simple integrated risk-based decision making approach to risk management is at the core of our offering. This can be used at all levels in an organisation to identify and manage risks. It can also be scaled up, easily and quickly, in complexity to reflect the true enterprise interlinkages between risks and controls, and the impact of changes (real or modelled) in the environment to those risks.
Read some of case studies to find out how Satarla delivered integrated enterprise risk management training and consultancy, enabling organisations to make risk based decisions to achieve their goals and objectives.
