Many ERM discussions presume that some basic risk management is already taking place. That is not always so. The risk manager needs to work without presumptions.
There are six things that the risk manager needs to check on:
1. Risks need to be diversified. There is no enterprise risk management if a firm is just taking one big bet.
2. Firm needs to be sure of the quality of the risks that they take. This implies that multiple ways of evaluating risks are needed to maintain quality, or to be aware of changes in quality. There is no single source of information about quality that is adequate.
3. A control cycle is needed regarding the amount of risk taken. This implies measurements, appetites, limits, treatment actions, reporting, feedback
4. The pricing of the risks needs to be adequate. If you are in the risk business like insurers, for risks that are traded. For risks that are not traded, the benefit of the risk needs to exceed the cost in terms of potential losses.
5. The firm needs to manage its portfolio of risks so that it can take advantage of the opportunities that are often associated with its risks. This involves risk reward management.
6. The firm needs to provision for its retained risks appropriately, in terms of set asides (reserves) for expected losses and capital for excess losses.
MORE . . .http://wp.me/pevO4-Lz