Linking Corporate Strategy to Risk Management

Communicating corporate objectives and the strategic plan is a key consideration in the governance of an organization. Promoting effective communication throughout the organization is essential as it establishes a “Tone from the Top” that is consistent with good governance.

Communicating corporate objectives is easily facilitated through enterprise risk management processes. Most companies have a succinct statement of corporate strategy that includes a statement of objectives. Objectives emanate from or are included within a statement of mission (the company purpose) and/or a statement of vision (where the organization wants to be within one to five years). When risk management embraces corporate objectives, the objectives themselves become a starting point for the determination of risk. No matter what level of the company where risks are contemplated, once objectives are defined it is a natural follow-on to think in terms of what are the risks to meeting each objective in terms of an employee’s role and level within the company. 

When risks are aligned with corporate objectives, organizations ensure that each risk (along with its treatment costs and related process costs) is in line with corporate revenue and profit expectations. It also ensures that no risk or related treatment activity is in opposition to corporate strategy and therefore that no risk is in opposition to revenue and profit expectations.

The benefits of linking corporate strategy to risk management include:

  • The costs of risk treatments (whether mitigated, transferred, accepted or avoided) are always in alignment with revenue and profit expectations.
  • The cost of risks and risk exposure is measured and compared in a way that supports the strategic plan.
  • The communication of corporate strategy is inherent in the risk management process and serves to enhance the maturity of corporate governance. 
  • Each level of the company that participates in risk management thinks in terms of how their processes and risks align with corporate objectives. 
  • The risk assessment and analysis process addresses operational and compliance considerations (and their associated risks) to ensure alignment with corporate strategy.
  • Determining risks is often easier when first considering an objective, such as “What are the risks that will prevent me from achieving [fill in the blank]?”

When the risk determination process starts with company objectives and is associated with operational risks and compliance risks, risk determination is naturally aligned with corporate strategy. Once defined, all risks are assured to be associated with a corporate objective and therefore all risk treatment plans and associated costs are directly measurable to corporate strategic planning and revenue and profit expectations.

Linking corporate strategy to risk management is simple: Create an assessment that captures corporate objectives in your risk management software system, and then link it to the associated risks. For more information on how Cura Software can help you connect corporate strategy to risk management, click here to contact us.

Posted by Steve Money, Professional Services, Cura Software

Views: 161


You need to be a member of GlobalRisk community to add comments!

Join GlobalRisk community

Our Sponsors

Would you like to reach over 90,000 + Risk Professionals? 



Current Partners Include:





Join GRC Inner Circle - Get Top Risk Resources, Member Support PLUS become our patron

Business Exchange

If your organization delivers products and services that bring value to our members, you are welcome to join our partnership program.

Companies are welcome to setup a business profile page in our Multimedia Business Directory. You will get full control of the page and can include cutting edge possibilities – videos, adverts, presentations, white papers, job offers, Press Releases, product information, company blog, news feeds and more.


Our Knowledge Partners

Request our MEDIA KIT

Our Twitter feed

© 2020   Created by Boris Agranovich.   Powered by

Badges  |  Report an Issue  |  Terms of Service