How ERM Integration Creates Efficiencies

8028228089?profile=originalLack of transparency makes risk, performance and compliance information hard to discover, collect and maintain. Within every organization, governance areas are conducting activities, each based on different assumptions with different standards, all of which contain a risk component.

While these are typically not thought of as risk activities, when the responsibilities of each governance area are compared to a risk based process – identifying & assessing, mitigating, and monitoring – you find that the activities within vendor management, business continuity, financial reporting compliance, etc. are actually exercises in risk management.

An example of risk intelligence that collected in these silos are the Business Impact Assessments (BIAs) and Vendor Assessments conducted by the Business Continuity and Vendor Management departments within your organization.

These activities often necessitate overlap, especially when BCP/DR is tasked with identifying the key vendors that must be utilized in a disaster recovery scenario. Both groups might take on the exercise in identifying vendor relationships to core business processes, with a vastly different set of assumptions, without ever leveraging the expertise of the other business area.

When risk activities (like Business Impact Assessments and vendor due diligence) are carried out on the same standards and assumptions and thought of as a common framework, they can be compared and utilized cross-functionally. Business Continuity Managers and Vendor Management will have a common language to use when identifying critical vendors to the disaster recovery process.  Since these activities are already taking place anyway, no new work is added, the standardization in language has allowed both groups to be more efficient and utilize the expertise and insight of the other business silo.

Few organizations operate in this manner because functions track their data in their own spreadsheets with standards they’ve developed for their specific business silo. Knowing which vendors are considered critical by business continuity makes vendor managers better at their job, and likewise in the opposite direction. It also decreases time spent on tactical activities, freeing these groups up to focus on the strategic elements of their profession that make them most effective.

To learn more on how to develop an ERM framework, check out the complimentary webinar titled '5 Key Principles for an Actionable ERM Framework.'

Votes: 0
E-mail me when people leave their comments –

Steven Minsky, CEO and Founder of LogicManager, is a recognized thought leader in risk management. Steven is well known for his precinct abilities to guide organizations through future risk events. Steven is a frequent speaker in the Energy, Financial Services and Cyber industries. While the first wave of COVID-19 caught many organizations by surprise, Steven predicted the pandemic impacts in January of 2020 and swiftly published action plans to help organizations prepare.

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!