One of the most difficult tasks for insurers in establishing an effective enterprise risk management (ERM) program is embedding ERM principles and practices throughout the organization. As challenging as it may be for chief risk officers and risk committees to master the key concepts and strategies of ERM, it can be even more difficult to explain them to “novice” business people in the rest of the organization.
It is critical to the success of an ERM program, however, that companies instill ERM practices at every level in the company. ERM should be a day-to-day, simmering concern within business departments, rather than just a once-a-quarter fire drill by a small core risk-management team.
Some issues affected human resources. Some impacted interest rates and investment activity. Others were indicators of potential asset or property risk. But most importantly, they were concrete examples of real-world events that helped employees better envision potential loss or threats to their own business, which may cut across functional departments and have even greater impact on the entity as a whole. This helped emphasize the need for, and benefit of, company-wide risk management.
Other variations of a “real world” exercise can be built into ERM training in a number of ways. For example, take a closer look at cell phones, and the risks a company faces when issuing employees mobile phones. In the “old world” before ERM, companies may have done a cost/benefit analysis of issuing cell phones by looking at the total cost of the actual phone and any monthly charges, and weighing that against the benefit of having employees available to talk to colleagues and clients while travelling or otherwise away from the office, and at odd hours of the day.