8028231276?profile=originalThe Risk and Insurance Management Society (RIMS) has released two executive reports, “Why a Mature ERM Effort is Worth the Investment” and “Testing Value Creation through ERM Maturity.” Together, these reports look at recent findings that detail the benefits of investing in enterprise risk management.

Despite evidence that mature ERM programs add significant value, manyorganizations remain hesitant when it comes to adopting a software and streamlining their ERM processes.

Below, we have outlined the five most common reasons these companies may be wary of implementing ERM software. We have provided a response to each concern, working to illustrate the true value of investing in an improved enterprise risk management program.

          1. “There’s no return on investment when purchasing ERM software.”

The RIMS report ‘Why a Mature ERM Effort is Worth the Investment,’ cites an independent study conducted by Queen’s University Management School and University of Edinburgh Business School in an effort to answer the question many executives ask – “is improving our ERM program worth the investment?”

The answer? Yes. Or as they wrote, there is “a highly significant premium of 25% for firms that had been classified as having ‘mature ERM’ according to the RIMS Risk Maturity Model.” This fact – that an organization’s value can increase 25% through improving its ERM program – is one that should catch the attention of executives, board members, and risk professionals alike.

          2. “We already have an ERM program.”

This is another very common objection, and one that seems to hold value at first glance. If the organization’s risk management program has spent years storing data in Microsoft Excel and conducting risk assessments in Word, what’s the issue?

An ERM program consisting of spreadsheets and PDFs is not dynamic. For example, the relationship between a certain risk and the board’s strategic goals is difficult to document in Excel, and essentially impossible to monitor as the organization evolves. Relationships exist between risks, controls, metrics, and resources, and it takes a robust ERM software to manage these links and provide insight to risk managers.

As Farrell and Gallagher’s findings indicate, it isn’t just organizations with very young or undeveloped enterprise risk management programs that stand to benefit. All organizations, even those with already Repeatable and Managed programs, see increased firm value as ERM maturity progresses. Rather than settling, a company with a robust and established ERM program has significant reason to pursue the Leadership level of ERM maturity by adopting a software to support their processes.

          3. “It would add work to our day-to-day operations, plus we don’t have resources to adopt a new system.”

This is a concern typically voiced by risk managers or CROs. By nature, risk management is a very demanding and time consuming field; many risk professionals think an ERM software would take up the free time they already don’t have.

In truth, ERM software provides a centralized platform for all the activities you’re already doing. It can act as the centralized hub for your entire enterprise risk program. The risk assessments you send out, the mitigation activities you carry out and document, and the reports you’re working to create are all housed in a single platform. ERM software isn’t simply a database where you document processes and store your data; it serves as a vehicle for you to make these processes more efficient and gain insight into the data you’ve been collecting.

          4. “Exposing risk forces us to spend time and money on things we don’t have to worry about today.”

This concern – that companies shouldn’t uncover risk that they’re better off not knowing about – is clearly outdated. But it likely still exists in the minds of executives and risk professionals worldwide. There is the idea that “ignorance is bliss” and “what we don’t know can’t hurt us.”

These sayings have no place in risk management, and regulatory agencies would agree. Major regulatory bodies such as the SEC and FINRA have adopted a new approach coming out of the recent recession. Claiming ignorance – or not knowing about a risk – is now equally punishable (and as heavily penalized) as negligence. The investment in ERM software can even mitigate penalties that may result from a negative examination, as evidenced by the regulatory penalties paid by companies over the last several years.

          5. “ERM software is a want, not a need.”

The notion that ERM software is more of a luxury than a necessity seems to encompass the previous four reasons. Board members may have the misconception that investing in enterprise risk management doesn’t help a company financially. Executives often believe it would add work, and isn’t absolutely necessary to their program. And CROs may recognize the range of software solutions already utilized by the company, asking “Why add one more?”

As we have outlined, enterprise risk management software serves the exact opposite purpose. It reduces wasted resources by consolidating things like risk management, compliance, and audit onto a single platform. ERM streamlines existing activities and data by adopting a universal, risk based methodology. Finally, ERM software is no longer a luxury item. Heavy fines for negligence continue being handed down to organizations with outdated processes.

 

If your organization is committed to improving its ERM program and adopting ERM software, refer to our article on how to choose the right solution or download our eBook on the ROI of ERM. For additional information on LogicManager and our software, please request a demo of our solution or reach out to us at (617) 530-1210.

Votes: 0
E-mail me when people leave their comments –

Steven Minsky, CEO and Founder of LogicManager, is a recognized thought leader in risk management. Steven is well known for his precinct abilities to guide organizations through future risk events. Steven is a frequent speaker in the Energy, Financial Services and Cyber industries. While the first wave of COVID-19 caught many organizations by surprise, Steven predicted the pandemic impacts in January of 2020 and swiftly published action plans to help organizations prepare.

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead