While natural disasters and political upheaval could pose huge risks to a company, the risk management process is much more than guarding against these threats. In their risk assessment procedures, companies should also account for complying with all regulatory requirements, according to Industry Week.
Gerry Fay, chief global logistics and operations officer at Avnet, said the greatest risk companies face is an ineffective risk management strategy. This can include inadequate training of employees in following regulatory compliance of laws such as the Consumer Protection Act. Failure to follow these rules could lead to large fines, loss of business or damaged company reputation. Fay cited a survey by Deloitte that revealed 45 percent of respondents in the financial services industry said their risk management programs were "only somewhat effective" or "not effective at all."
The financial integrity of a business depends on its ability to reduce the chance of risk with an enterprise risk management (ERM) program.
How to avoid ERM pitfalls
For an ERM program to be successful, executives and boards need to have a clear understanding of how to confirm and monitor the risk assessment results, according to Smart Business.
"In many cases, ERM has consisted of creating a list of risks, prioritizing those risks and developing loose plans to mitigate them. The problem is that managers and executives often observe that the risks 'identified' had been known and adequately addressed," said Marc I. Dominus, ERM solutions leader at public accounting and consulting firm Crowe Horwath.
Executives and managers need to define the risks and update the criteria for assessing them on an ongoing basis. Firms should create and oversee risk management procedures and develop a treatment plan to avert or mitigate the risk. Companies should also be able to know how they should report the risks involved and who should receive information in assessing the risk.