Arnold, Gerald 2011 Associated Financial Group: Manage your operational, strategic and financial risks with an enterprise risk management approach

Done well, enterprise risk management (ERM) is a holistic approach to understanding and managing risk throughout an organization.

"Almost any business, but especially those that have the potential for large losses, can benefit from ERM," says Gerald Arnold, vice president and director of sales, Associated Financial Group. "To develop an effective ERM program, organizations must first identify their risks, assess their current situation and come up with solutions. Those solutions must then be integrated throughout the organization, because controlling risks in one department won't protect the business if another area is vulnerable."

A risk management assessment is the first step to creating an ERM program. The benefits can be far-reaching.

Reviewing the advantages

A risk management assessment can do more than simply identify preventable and insurable hazards. The assessment can help your organization:

  • Craft a cohesive policy that takes into account its strategic goals and objectives.
  • Enhance its disaster recovery policies and procedures.
  • Reduce operational losses.
  • Emphasize prevention.
  • Discover risks outside the organization that could have an impact.
  • Reduce costs through elimination of unnecessary or redundant insurance coverage.

"Effective assessment may even help an organization seize new opportunities," Arnold says. "For example, a snack food company may identify as a potential risk that customers are turning to lower-fat products. The company can apply that knowledge to developing a new product that could appeal to more health-conscious consumers."

Identifying risks

Major areas of risk include:

  • Operational risk. This involves the people, processes and technology needed to achieve the organization's goals. For example, a company that manages sensitive database information, such as customers' account numbers, should assess its ability to protect confidential data and the consequences of a leak. A nursing home must consider safety issues and the consequences to residents and employees of unsafe practices.
  • Strategic risk. This risk is related to the organization's goals, competitive environment, reputation and ability to adapt. An example could be damage to the company's brand due to product failure, service issues or even unwarranted, malicious attacks in social media.
  • Financial risk. This risk involves the allocation of an organization's resources and its exposure to risk. This can be related to poor investment choices, too much dept or the potential for lawsuits.

"These risks often overlap," Arnold explains. For example, damage to a company's brand caused by negative publicity — part of strategic risk — can result in a drop in sales, a financial risk. There are risks that may be specific to a particular organization, such as environmental risk at a chemical plant. In addition, there is the risk that future legislation could affect how an organization provides products and services."

A comprehensive risk assessment may uncover risks that your organization is unaware of. "For example, a business may be insured for occurrences at its own facility, yet unwittingly take on risks through its vendors and suppliers," Arnold says. "A manufacturer may have exposure through a negative environmental impact caused by a supplier's raw materials."

Once the assessment is complete, take action to mitigate risks and insure those that are insurable. "It's not a one-time thing," Arnold adds. "Depending on your situation, you may want to revisit your ERM program semi-annually or annually. If there are changes in the business or marketplace, or legislation is enacted that may affect your organization, contact a consultant right away to reassess."

Supporting ERM efforts

Two potential obstacles to an effective ERM program are employee and/or management resistance and the tendency for different departments to "silo" their risks rather than view them in light of the entire organization. "Certainly every department should be involved in the risk assessment and solicited for recommendations," Arnold says. "It is helpful to have a risk management officer, or at least a coordinator who can set up safety committees and work with employees, supervisors and management to get buy-in. The terminology — enterprise risk management — is designed to emphasize the need for a coordinated effort.

Finally, setting up an ERM program doesn't have to be expensive. You can optimize your risk management dollars by employing a consultant through the company brokering your insurance.

To learn more about risk management assessments, contact Associated Financial Group at or call 800-258-3190.

Associated Financial Group's eLine newsletters are intended to educate and assist our clients, partners and other valid business contacts. Our publications are limited to these contacts, and AFG reserves the right to exclude competitors from subscribing. Registrants must have a valid corporate email address (non-Hotmail, Gmail, or Yahoo) and provide complete registration profile information.

Insurance products are offered by licensed agents of Associated Financial Group, LLC. (“AFG”). • Insurance products offered are NOT deposits or obligations of, insured by the FDIC or any agency of the United States. • AFG is an affiliate of Associated Banc-Corp (“AB-C”). • AB-C and its affiliates do not provide tax, legal or accounting advice. Please consult with your tax, legal or accounting advisors regarding your individual situation. This material is for information solely and should not be construed as tax, legal or accounting advice. Copyright © 2013 by Associated Financial Group, LLC. All rights reserved.