With 2015 being the 200th anniversary of the Battle of Waterloo and having a man-crush on Napoleon B, I have taken this opportunity to revisit some of lessons we can learn (good & bad) from his 20 year reign as master of the universe.
Enterprise Compliance Today
- Not being Outcome focused
- Not using Risk base targeting
- Not Value Adding
- Not being timely
An effective Corporate Risk management system (or ERM) requires developing a detailed inventory of all the drivers and influences and how they affect the organisation. It requires a methodical and introspective commitment to fully understand what makes things tick, but as with most things, a bit of effort upfront produces a lifetime of benefits.
Why, with the number of fertile minds that exist in our field, is it still a case of an irresistible force meeting an immovable object. The paradox I believe, like our would-be entrepreneurs, is one of approach.
Return of Investment (ROI) does not come for automating a process but from using it to add value. Value adding comes from targeting time and resources, risk based thinking, and Business Intelligence where they can deliver the greatest benefit to achieving the organisation’s strategic goals.
Risk Appetite is such a simple concept that everyone thinks they know but invariably misunderstand. COSO and other regulatory requirements for boards to issue a Risk Appetite Statement has led to a belief a business has an overarching level of risk tolerance. Personally I don’t believe these Risk Appetite Statements add any value but regulators are regulators.
Corporate objectives are not the “bulls eye” of strategic planning they're just the dartboard. Boards are assessed by the quality of their Results not the quality of their Objectives.