پارسی   English   العربیه

Strategy and Risk Management: An Integrated Practical Approach


Employees make dozens of day-to-day decisions--and any one of them could come back to haunt you, even when the decision does not seem to have hidden or unknown ramifications. That is why your organisation must have a protocol in place for identifying and mitigating all major business risks long before it is needed.

At the strategic level, risk management and strategic management are intertwined. Using this book, learn how to apply powerful tools and approaches to make your planning processes more effective and flexible and build a set of decision-making processes based on plain language. Author, Ron Rael, uses quality concepts/language (TQM & Six Sigma) to define the Enterprise Risk Management (ERM) process and value of prevention, while showing how these elements are both necessary and highly desired in an organisation’s strategic decision-making.

ERM extends to your everyday business decisions because employees take actions and make daily choices that could have a detrimental effect on your profits and business’s longevity and future. This book will

  • provide a best practices view on the latest developments in ERM
  • deliver how-to guidance on developing ERM processes at the enterprise and department levels
  • facilitate enterprise-wide ERM participation via practical information and examples
  • deliver cross-functional management and implementation of ERM

Ron Rael, CPA, CGMA, is a thought leader for the CPA profession on leadership and CFO/Controllership topics. He is the CEO of the High Road Institute, a leadership development organization. Ron has authored content on topics such as budgeting, accountability, governance, risk management, and strategic planning. He has coached more than 10,000 accounting professionals in organizations and leadership teams throughout the United States and Canada. Ron’s industry experience comes from working in two large corporations, as well as from leading accounting teams in numerous closely held businesses.

Introduction xi

Chapter 1 Introduction to Enterprise Risk Management 1

Who This Book Is for 1

Success Requires Commitment to Risk Management 2

Risk Management Defi ned 3

Stewardship and Risk Management 3

Cost and Risk Management 4

The Cost of Success 5

The Cost of Failure 5

Summary of Risk Management-Watching for the Potholes 6

Your Action Plan 6

Chapter 2 The WHAT of Risk Management 7

What Risk Management Is 7

The Born (Entrepreneur) Incident 7

What Risk Management Is Not 8

Risk Taking Versus Risk Management 8

Risk Taking Is Necessary for Survival 9

Risk Management Is Necessary for Success and Growth 9

What Risk Is 11

Risk Can Be Seen from Two Views 11

Risk Can Be Unpredictable 12

Your Personal Risk Appetite 12

Risk Management Tool One-Personal Risk Spectrum 12

What a Risk Management Programme Is 14

You Already Manage Risk 14

Preview of a Risk Management Structure 15

Cost of a Risk Management Programme 17

Cost-Awareness That Risk Exists 18

Cost-Finding Appropriate Balance 19

Cost-Measuring Your Exposure 19

Cost-Setting Appropriate Goals 20

Cost-Willingness to Alter Your Plans 20

Cost-Embracing the Pains of Change 20

The Catch-22 Syndrome of Risk Management 20

Catch 1 21

Catch 2 21

Risk Taking Is a Paradox 21

Back to PJI 22

Onward 23

Your Action Plan 23

Chapter 3 WHY Is Risk Management Important to Us? 25

Reasons Why Formal Risk Management Is Vital to Success 25

Reason 1 25

Reason 2 25

Reasons to Care about Formal Risk Management 26

Not Just Risk Avoidance 26

It’s a Small (Appliance) World 26

Why Peril Awareness Is a Group E ort 28

Why Risk Management Is a Leadership Responsibility 29

Desire for Innovation and Creativity 30

Need for Fraud Prevention and Detection or Proper Governance 30

Need Adequate Checks and Balances 30

Desire to Maximise Profi ts 31

Need for Good Stewardship of Corporate Assets 31

Ten Ways ERM Can Make an Impact 31

Onward 32

Your Action Plan 33

Chapter 4 WHICH Risk s Do We Need to Be Concerned about? 35

Enterprise Risk Management Step One-Obtain Consensus on Allowable Risk 36

Risk Management Tool Two: Process for Gaining Consensus on What Risk Looks Like 36

Why Defining Risk Is Necessary in Enterprise Risk Management 38

Evaluating Risk 39

Immediacy of Risk 39

Size of Risk 40

Impact of Risk 41

Scope of Risk 41

Back to PJI 42

How to Make an Internal Strategic Risk Assessment 42

Risk Management Tool Three-Strategic Risk Assessment 42

What Strategic Risk Management Is 43

Three Examples of Tools to Assess Risk 44

Risk Management Tool Four-Risk Tolerance Questionnaire 44

Risk Management Tool Five-Critical Risk Questionnaire 44

Risk Management Tool Six-Critical Risk Path 45

Three Case Studies 45

Case Study: The Risk in Giving Incentives to Certain Employees 45

Case Study: The Risk of Doing Business in a Third-World Country 47

Case Study: The Risk of New Technology 48

Onward 50

Your Action Plan 50

Chapter 5 WHEN Is It A ppropriate to Plan for Risk ? 51

Plan for Risk before It Happens 51

Mark’s Failure to Anticipate Risk 51

Mark’s Pitfall 52

Back to PJI 52

ERM Step Two-Seek Out the Global Sources of Risk 53

Strategic Objectives and ERM 54

Relationship of Strategic Planning and Risk Management 55

Assessing Your Strategic Risk 57

Operational Objectives and ERM 58

Operational Risk 58

Mitigating Operational Risk 59

When to Apply Risk Management 60

Daily, Monthly and Annual Goals 60

New Initiatives 60

Everyday Business Decisions 60

Opportunities and Threats 61

Risk Assessing When Scenario Planning 62

Tool for Measuring Risk 64

Risk Management Tool Seven-Risk and Opportunity Measurement and Management Strategy Grid 64

Case Study: The Opportunity to Invest 69

Case Study: The Risk of Losing Qualifi ed Talent 70

Case Study: Avoiding Termination Blowback 70

Lessons from the Case Studies 70

Onward 70

Action Plan 71

Chapter 6 WHERE Do Our Efforts Need to Be? 73

Sources of Jeopardy 73

Harry 74

Holistic Approach 75

ERM Step Three-Analyse the Ability of Your Organisation to Handle Risk 75

Risk Management Tool Eight-Culture Assessment 76

Embedded in the Cultural Fabric 76

What Is Culture? 77

How a Culture Story Is Developed 78

Visible Clues about Risk in Your Cultural Norms 78

Culture Must Never Be Downplayed 79

Determining Your Culture’s View of Risk Taking 80

Risk Management Tool Nine-Assessment of a Balanced Culture 81

Barriers to ERM Implementation 82

Obstacle One: Perceived Cost in Dollars and Time 82

Obstacle Two: Denial That ERM Is Necessary 82

Obstacle Three: Leaders’ Resistance 83

Obstacle Four: Employee Attitudes 83

Ways to Integrate ERM into Your Culture 84

Bring Your People Resources Together 84

Ensure Employee Acceptance through Training 84

Build Enthusiasm 85

Make it a Bottom-Line Issue 85

Risk Management Tool Ten-Responsibility Statement 86

Teach Managers about Risk Management 86

Five ERM Actions for Immediate Implementation 87

Risk Management Tool Eleven-SLOT Analysis 88

SLOT Versus SWOT 89

Your External Threats and Risk Management 89

Your Opportunities and Risk Management 89

Onward 90

Your Action Plan 90

Chapter 7 WHO Needs to Be Involved? 93

Risk Management Is a Team E ort 95

CRO 96

Risk Management Team 97

Board of Directors 98

Oversight Group in Small Organisations 98

Finance’s Role in ERM 100

Insurance’s Role in Risk Management 101

Insurance Does Not Always Reduce Exposure 102

Insurance’s Inadequacy 102

ERM Step Four: Minimise Exposure to Risk 103

Look for Risk during Times of Success 104

Look for Risk in Your Vulnerable and Hidden Areas 104

Look for Risk in Your Timelines 105

Integrate ERM Goals into Existing Infrastructure 105

Budgeting Process 105

Reporting and Feedback Process 105

Goals and Measurements System 106

Prioritisation Process 106

Project Development and Funding Process 106

Minimise Internal Risk of Unethical Employee Behaviour 106

Risk and POLR 107

Setting the Expectation for Ethical Behaviours 107

Unreasonable Policies Increase Ethics Risk108

Unreasonable Expectations Increase Ethics Risk 108

Incentives Increase Ethics Risk 109

Internal Pressures Increase Ethics Risk 110

Risk from Fraud and Employee Abuses 110

Two Tools to Analyse and Reduce Exposure to Ethics Risk 112

Risk Management Tool Twelve-The Five Whys 112

Risk Management Tool Thirteen-Establish Contingency Funds 115

Back to PJI 115

Onward 116

Your Action Plan 116

Chapter 8 HOW Do We Conduct Enterprise Risk Management? 117

Process for the Leadership Body to Implement Risk Management 119

Checklist for Implementing Risk Management 119

Minimum Elements to Establish Risk Awareness 122

Starting to Implement ERM 123

ERM Step Five: Recover Quickly from the Negative Impacts of the Risk 124

Empower Employees to Act 125

Match Authority with Responsibility 126

Five Tools to Help Clarify Accountability and Empower Employees to Act 128

Risk Management Tool Fourteen-Risk Authority and Responsibility Chart 128

Risk Management Tool Fifteen-Formalised Action Plan 130

Risk Management Tool Sixteen-Formalised Action Plan Summary 133

Risk Management Tool Seventeen-Pitfall Analysis 135

Risk Management Tool Eighteen-Controllable, Negotiable and Given Analysis 137

Onward 140

Your Action Plan 140

Chapter 9 What Happens NEXT? 143

Reconciling Dierent Views of Risk 143

Teri and Kris 143

Risk Management Tool Nineteen-Criteria Checkerboard 145

ERM Step Five and One-Half: Learn Something (So You Can Accept Even More Risk with Confidence) 148

Evaluating Your ERM Eorts 149

Interpreting Results 150

Tracking Process Output Versus Reality 150

Scenario Planning Again 151

Learning Lessons 151

Risk Management Tool Twenty-Plus/Delta Analysis 151

The Risk Audit 153

Ongoing Protection 155

Lessons Learned 155

Onward 156

End of the Line 156

Five and One-Half Myths of ERM 157

ERM Tool Kit 157

Your Action Plan 157

Chapter 10 Epilogue 159

Justin 159

Paul 159

PJI International 159

The Future Is Bright 160

You and Your Organisation 160

Case Study: The Hornet’s Nest 161

Onward 163

Appendix A High Road Institute’s Process for Implementing an Effective Risk Management Programme 165

Appendix B What Happened in 2007? 199

Appendix C Enterprise Risk Management 211