You are previewing Implementing Enterprise Risk Management: Case Studies and Best Practices.
O'Reilly logo
Implementing Enterprise Risk Management: Case Studies and Best Practices

Book Description

Overcome ERM implementation challenges by taking cues from leading global organizations

Implementing Enterprise Risk Management is a practical guide to establishing an effective ERM system by applying best practices at a granular level. Case studies of leading organizations including Mars, Statoil, LEGO, British Columbia Lottery Corporation, and Astro illustrate the real-world implementation of ERM on a macro level, while also addressing how ERM informs the response to specific incidents. Readers will learn how top companies are effectively constructing ERM systems to positively drive financial growth and manage operational and outside risk factors. By addressing the challenges of adopting ERM in large organizations with different functioning silos and well-established processes, this guide provides expert insight into fitting the new framework into cultures resistant to change.

Enterprise risk management covers accidental losses as well as financial, strategic, operational, and other risks. Recent economic and financial market volatility has fueled a heightened interest in ERM, and regulators and investors have begun to scrutinize companies' risk-management policies and procedures. Implementing Enterprise Risk Management provides clear, demonstrative instruction on establishing a strong, effective system. Readers will learn to:

  • Put the right people in the right places to build a strong ERM framework

  • Establish an ERM system in the face of cultural, logistical, and historical challenges

  • Create a common language and reporting system for communicating key risk indicators

  • Create a risk-aware culture without discouraging beneficial risk-taking behaviors

  • ERM is a complex endeavor, requiring expert planning, organization, and leadership, with the goal of steering a company's activities in a direction that minimizes the effects of risk on financial value and performance. Corporate boards are increasingly required to review and report on the adequacy of ERM in the organizations they administer, and Implementing Enterprise Risk Management offers operative guidance for creating a program that will pass muster.

    Table of Contents

    1. Foreword
    2. Chapter 1: Enterprise Risk Management Case Studies: An Introduction and Overview
      1. The Evolution of Enterprise Risk Management
      2. Why the Need for a Book with ERM Case Studies?
      3. Summary of the Book Chapters
      4. Part I: Overview and Insights for Teaching ERM
      5. Part II: ERM Implementation at Leading Organizations
      6. Part III: Linking ERM to Strategy and Strategic Risk Management
      7. Part IV: Specialized Aspects of Risk Management
      8. Part V: Mini-Cases on ERM and Risk
      9. Part VI: Other Case Studies
      10. Conclusion
      11. Notes
      12. References
      13. About the Editors
    3. Part I: Overview and Insights for Teaching ERM
      1. Chapter 2: An Innovative Method to Teaching Enterprise Risk Management: A Learner-Centered Teaching Approach
        1. Learner-Centered Teaching: The <i xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:svg="http://www.w3.org/2000/svg">WHY</i>
        2. Five Key Changes to Practice the <i xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:svg="http://www.w3.org/2000/svg">WHAT</i>
        3. Conclusion
        4. Questions
        5. Appendix: LCT ERM Examples from the <i xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:svg="http://www.w3.org/2000/svg">HOW</i>
        6. References
        7. About the Contributors
    4. Part II: ERM Implementation at Leading Organizations
      1. Chapter 3: ERM at Mars, Incorporated: ERM for Strategy and Operations
        1. Mars' ERM History
        2. Phase 2—Success
        3. Global Rollout
        4. Reporting
        5. 2007 Operating Plan Workshops
        6. Technology
        7. Aggregation
        8. Template Evolution
        9. Special Situations
        10. Major Acquisition
        11. Conclusion
        12. Questions
        13. Note
        14. About the Contributor
      2. Chapter 4: Value and Risk: Enterprise Risk Management at Statoil
        1. ERM at Statoil: A Brief History
        2. ERM Foundations
        3. ERM Processes in Statoil Today
        4. Optimizing Total Risk
        5. Total Risk Optimization: Lessons Learned
        6. Risk Aggregation
        7. The Frontiers
        8. Conclusion
        9. Questions
        10. Notes
        11. References
        12. About the Contributors
      3. Chapter 5: ERM in Practice at the University of California Health System
        1. The Enterprise Risk Management Program
        2. Premium Rebate Program
        3. Erm and the Center for Health Quality and Innovation
        4. Protected Health Information Value Estimator (PHIve)
        5. Questions
        6. Notes
        7. About the Contributor
      4. Chapter 6: Strategic Risk Management at the LEGO Group: Integrating Strategy and Risk Management
        1. About the LEGO Group
        2. The LEGO Group Strategy
        3. LEGO Strategic Risk Management
        4. Enterprise Risk Management (Step 1)
        5. Monte Carlo Simulation (Step 2)
        6. AROP: Active Risk Assessment of Business Projects (Step 3)
        7. Preparing for Uncertainty: Defining and Testing Strategies (Step 4)
        8. The PAPA Model
        9. Stategic Risk Management Return on Investment
        10. Conclusion
        11. Questions
        12. Notes
        13. References
        14. About the Contributors
      5. Chapter 7: Turning the Organizational Pyramid Upside Down: Ten Years of Evolution in Enterprise Risk Management at United Grain Growers
        1. Background—Operating Environment
        2. Governance
        3. ERM Credit Financing Outcomes
        4. Agricore United
        5. Harvesting Value
        6. Conclusion
        7. Questions
        8. Acknowledgments
        9. Notes
        10. About the Contributor
      6. Chapter 8: Housing Association Case Study of ERM in a Changing Marketplace
        1. Background
        2. Sector Issues
        3. Charitable Status
        4. Some Useful Methodology
        5. Four Associations
        6. Association A: London & Quadrant
        7. Association B: RCT Homes
        8. Association C: Ability Housing Association
        9. Association D: GreenSquare
        10. Questions
        11. Notes
        12. References
        13. About the Contributor
      7. Chapter 9: Lessons from the Academy: ERM Implementation in the University Setting
        1. The Higher Education Environment
        2. Emergence of ERM in Higher Education
        3. Adopting and Implementing ERM in Colleges and Universities
        4. The University of Washington: A Journey of Discovery
        5. Evolution of ERM at UW
        6. ERM Structure at UW
        7. UW's ERM Model
        8. Outcomes and Lessons Learned
        9. What Next?: Current Priorities and Future Direction
        10. Conclusion
        11. Questions
        12. Notes
        13. References
        14. About the Contributor
      8. Chapter 10: Developing Accountability in Risk Management: The British Columbia Lottery Corporation Case Study
        1. Background
        2. The Beginnings of the Risk Management Journey
        3. Learning from the First ERM Initiative
        4. Restarting the Program―2006–2008
        5. Key Steps in the Development of the ERM Program
        6. Revitalizing the ERM Program—2009–2010
        7. Strengthening the Program—2010–2013
        8. Building the Risk Profile
        9. The Role of Risk Managers, Champions, and Committees
        10. Developing a More Sophisticated Approach to Risk Analysis and Evaluation
        11. Conclusion
        12. Questions
        13. Notes
        14. References
        15. About the Contributor
      9. Chapter 11: Starting from Scratch: The Evolution of ERM at the Workers' Compensation Fund
        1. Toward ERM Program Initiation
        2. Initial Actions
        3. Maturing: Years 1 and 2
        4. The Future
        5. Questions
        6. Notes
        7. About the Contributor
      10. Chapter 12: Measuring Performance at Intuit: A Value-Added Component in ERM Programs
        1. Intuit's ERM Journey
        2. ERM Maturity Model
        3. Benefits of Measuring Performance in ERM Programs
        4. ERM Performance Measurement and Reporting at Intuit
        5. Conclusion
        6. Questions
        7. About the Contributor
      11. Chapter 13: TD Bank's Approach to an Enterprise Risk Management Program
        1. Background
        2. Conclusion
        3. Questions
        4. References
        5. About the Contributors
    5. Part III: Linking ERM to Strategy and Strategic Risk Management
      1. Chapter 14: A Strategic Approach to Enterprise Risk Management at Zurich Insurance Group
        1. Enterprise Risk Management at Zurich
        2. Zurich Group's Enterprise Risk Management Framework
        3. Role of the Chief Risk Officer and Group Risk Management at Zurich
        4. Working with External Stakeholders
        5. Zurich's Proprietary Tools Used in ERM Framework
        6. Categorizing Various Risks at Zurich
        7. Capital Management
        8. Zurich's Business Resilience Tools
        9. How Zurich Uses Its ERM Tools to Create New Value
        10. Conclusion
        11. Appendix
        12. About the Contributors
        13. Questions
        14. References
      2. Chapter 15: Embedding ERM into Strategic Planning at the City of Edmonton
        1. Context—City of Edmonton
        2. ERM Development in the Past
        3. Current Overall ERM Development
        4. Links to Strategic Plan and to Other Strategic Tools
        5. Selecting and Testing a Strategic Risk Management Model
        6. Selecting an ERM Framework
        7. Recommended Strategic ERM Model
        8. Lessons Learned
        9. Conclusion
        10. Appendix: Summary of <i xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:svg="http://www.w3.org/2000/svg">THE WAY AHEAD</i>, Edmonton's Strategic Plan, Edmonton's Strategic Plan
        11. Questions
        12. Notes
        13. About the Contributor
      3. Chapter 16: Leveraging ERM to Practice Strategic Risk Management
        1. ERM: A Reexamination of Purpose
        2. Regulatory Environment
        3. Leveraging ERM to Practice Strategic Risk Management
        4. Managing and Measuring Value Creation
        5. Risk Management Fault Line
        6. Value Maps
        7. Additional Tools and Techniques
        8. Conclusion
        9. Questions
        10. Notes
        11. About the Contributors
    6. Part IV: Specialized Aspects of Risk Management
      1. Chapter 17: Developing a Strategic Risk Plan for the Hope City Police Service
        1. The Context
        2. Some Background on the Hope City Police Service
        3. What the Consultant Heard
        4. Community Views on Police Issues
        5. Questions
        6. Notes
        7. About the Contributor
      2. Chapter 18: Blue Wood Chocolates
        1. Background
        2. The Company
        3. Market Overview
        4. Blue Wood Financial Performance
        5. Conclusion
        6. Appendix I: Blue Wood Chocolates
        7. Appendix II: The Hershey Company
        8. Appendix III: Rocky Mountain Chocolate Factory, Inc.
        9. Questions
        10. Notes
        11. About the Contributors
      3. Chapter 19: Kilgore Custom Milling
        1. Background
        2. Kilgore Custom Milling
        3. The Management Team
        4. The Company
        5. The New Contract
        6. The Financial Risk Management Meeting
        7. Questions
        8. About the Contributors
      4. Chapter 20: Implementing Risk Management within Middle Eastern Oil and Gas Companies
        1. Company Background
        2. Organization Culture
        3. Local Culture
        4. MECO Structure
        5. MECO Risk Management Background
        6. Risk Management Practices within MECO
        7. Corporate Risk Exercise
        8. Conclusion
        9. Notes
        10. Questions
        11. Notes
        12. About the Contributor
      5. Chapter 21: The Role of Root Cause Analysis in Public Safety ERM Programs
        1. Policing and Risk
        2. Five Whys Analysis
        3. Cause and Effect Analysis
        4. Failure Mode, Effects, and Criticality Analysis
        5. Force Field Analysis
        6. Influence Diagrams
        7. Concept Fans
        8. Case Study Example: Tackling Violent Crime
        9. The FMECA Process
        10. Conclusion
        11. Questions
        12. Notes
        13. References
        14. About the Contributor
      6. Chapter 22: JAA Inc.—A Case Study in Creating Value from Uncertainty: Best Practices in Managing Risk
        1. Setting the Context
        2. Introduction of ISO 31000 and HB 436 to the Company
        3. Appendix A: JAA Inc. Financial Statements
        4. Appendix B: Risk Management Policy
        5. Part A – Questions
        6. Part B – Questions
        7. Notes
        8. References
        9. About the Contributors
      7. Chapter 23: Control Complacency: Rogue Trading at Société Générale
        1. Part One: Kerviel's Trial—A Media Circus
        2. Part Two: Outcome and Lessons Learned
        3. Questions
        4. References
        5. About the Contributor
      8. Chapter 24: The Role of VaR in Enterprise Risk Management: Calculating Value at Risk for Portfolios Held by the Vane Mallory Investment Bank
        1. Risk and Value at Risk Overview
        2. Your Task: Calculating Portfolio VAR for Vane Mallory
        3. Conclusion
        4. Questions
        5. Notes
        6. References
        7. About the Contributors
      9. Chapter 25: Uses of Efficient Frontier Analysis in Strategic Risk Management: A Technical Examination
        1. Strategic Risk Management Framework Examined
        2. Modern Portfolio Theory as a Foundation for Efficient Frontier Analysis
        3. Practical Applications of Risk Measurement for Insurance
        4. Sample Case Study
        5. Intended Uses for Our Approach
        6. Modern Portfolio Concerns Contained in the Framework
        7. Consideration of Behavioral Concerns in Structure
        8. Questions
        9. Acknowledgments
        10. Notes
        11. References
        12. About the Contributors
    7. Part V: Mini-Cases on ERM and Risk
      1. Chapter 26: Bim Consultants Inc.
        1. Questions
        2. About the Contributor
      2. Chapter 27: Nerds Galore
        1. Questions
        2. About the Contributor
      3. Chapter 28: The Reluctant General Counsel
        1. Questions
        2. About the Contributor
      4. Chapter 29: Transforming Risk Management at Akawini Copper
        1. The Acquisition and Due Diligence
        2. The Transformation Process
        3. Gaining Senior Management Ownership for Transformation
        4. The Transformation Plan
        5. Questions
        6. Notes
        7. Reference
        8. About the Contributor
      5. Chapter 30: Alleged Corruption at Chessfield: Corporate Governance and the Risk Oversight Role of the Board of Directors
        1. Chessfield Inc. and Its Board of Directors
        2. Whistle-Blower Complaint
        3. Message from the CEO Requesting to Meet the Author
        4. Governance Documents, Interviews, and On-Site Observation Requested by the Author
        5. CEO Compensation Issue
        6. Risk Management
        7. Self-Dealing Issue
        8. Chessfield Board Meeting to Discuss the Author's Recommendations
        9. Two Contentious Recommendations
        10. Conclusion
        11. Questions
        12. Notes
        13. References
        14. About the Contributor
      6. Chapter 31: Operational Risk Management Case Study: Bon Boulangerie
        1. QUESTIONS
        2. About the Contributor
    8. Part VI: Other Case Studies
      1. Chapter 32: Constructive Dialogue and ERM: Lessons from the Financial Crisis
        1. Constructive Dialogue: The Essential Difference between Firms That Navigated the Crisis and Those That Failed
        2. Successful Firms: JPMorgan Chase, Goldman Sachs, Wells Fargo, and TD Bank
        3. Firms That Failed to Navigate the Crisis
        4. JPMorgan Chase after the Crisis: The Perils of Hubris
        5. Conclusion
        6. Questions
        7. Notes
        8. About the Contributor
      2. Chapter 33: Challenges and Obstacles of ERM Implementation in Poland
        1. Methodology to Diagnose the Status of ERM Implementation
        2. Main Issues in Poland's ERM Implementation
        3. Board Perception of ERM: “We Have to Change the Way We Run the Business, Because Lack of ERM Creates Inefficient Management”
        4. Who Is Getting Management Buy-In for ERM?
        5. Specific Challenges and Obstacles Observed in Risk Management
        6. We Have to Build the Chief Risk Officer/Risk Manager Profession from Scratch
        7. What Numbers Say about ERM Maturity
        8. Risk Management Framework—Accountability
        9. Impact of the Risk Assessment Tools on the Performance of the Companies
        10. Capital Allocation: A Frequently Missed Part of the ERM Framework and Risk Treatment
        11. Conclusion
        12. Questions
        13. Notes
        14. References
        15. About the Contributors
      3. Chapter 34: Turning Crisis into Opportunity: Building an ERM Program at General Motors
        1. Background and Implementation
        2. General Motors' Approach to Enterprise Risk Management
        3. Game Theory
        4. Looking Forward
        5. Conclusion
        6. Questions
        7. Notes
        8. About the Contributors
      4. Chapter 35: ERM at Malaysia's Media Company Astro: Quickly Implementing ERM and Using It to Assess the Risk-Adjusted Performance of a Portfolio of Acquired Foreign Companies
        1. Malaysia
        2. Corporate Governance in Malaysia
        3. Enterprise Risk Management at Astro
        4. Astro Overseas Limited
        5. Evolution of ERM at AOL
        6. Role of ERM in the Acquisition Process
        7. Risk Profile: Risk Map and Action Plans
        8. The Investment Performance Dashboard
        9. Helping the Board Make Investment Decisions
        10. Conclusion
        11. Questions
        12. Notes
        13. References
        14. About the Contributors
    9. About the Editors
    10. Index
    11. End User License Agreement