7

THE ILLUSION OF PERFECTION

Engagements should be performed with proficiency and due professional care.

IIA Standard 1200

INTRODUCTION

So far our models have been prepared with a view to establishing best practice in managing business risk. As each component of the models has been developed, we have been able to apply a benchmark to what organizations should be doing. This chapter is different in that the model used here is designed to demonstrate what should not be done, as opposed to what is good practice. There is a growing army of commentators who feel the emphasis on risk management and ERM is misplaced (i.e., it is creating a society where risks are seen in every dark corner and people start to become nervous about going to the stores). Some organizations start to play the risk game, in which they pretend their risk management arrangements create a perfect entity, where everything can be locked down and controlled. Meanwhile, other organizations simply ignore this risk industry and carry on as usual in the hope that, if anything goes wrong, someone else will take the blame. It has been jokingly suggested that there are people employed by some companies who are loosely referred to as “director in charge of going to jail” (i.e., someone who can take the fall, where there are significant problems).

Some CEOs invent hundreds of boxes that can be checked by various people in the organization in the hope that this evidence of good ERM can be used in their defense if the need arises. ...
