Governance is a good starting point for enterprise risk management. In this column on Emerging Risk Strategies, we'll explore the drivers of ERM and offer a good example of how an ERM approach could help Chrysler Corp.
Executives are increasingly talking about the need to improve risk management across the entire organization. They are responding to multiple drivers, including:
Where to start?
ERM can begin anyplace, but three approaches seem to be emerging:
An organization can develop a successful ERM program from any of these points. In this article, let's deal with governance.
A director, CEO or other C-suite executive can raise the need for ERM. Board members and senior executives are likely to display immediate skepticism: "We are doing just fine." "We have been in business a long time." "We know what we are doing." These are typical responses.
Fortunately, a simple test exists to see if ERM is needed. A consultant or facilitator simply has to ask, "What are your seven to 10 most critical risks?" In many boardrooms, the question has produced an uncomfortable silence followed by a vigorous and maybe even rancorous discussion. Then boards realize more needs to be done to understand risk across the enterprise.
The first obstacle confronting executive leadership is risk identification and developing agreement on critical risks. A specific example can illustrate the scope of the problem.
Chrysler's critical risks
In September 2007, five teams of MBA candidates at Saint Peter's College were assigned to identify five to 10 critical risks facing Chrysler Corp. They learned that Cerberus acquired Chrysler after DaimlerChrysler could not turn it around. Cerberus brought in a controversial CEO--Robert Nardelli, formerly of General Electric Co.--who had attracted national attention for his management style when he was CEO of Home Depot. Several observations from their lists:
One interesting issue is the absence of cultural risk on any of the five lists. It does not seem reasonable to limit the leadership exposure to the style and skills of the new CEO. Aside from governance risks and subsequent strategies that a CEO might develop to address them, will the culture allow the execution needed to turn around the ailing company?
In this context, ERM argues that the upside of risk is opportunity. Mr. Nardelli succeeded at GE and struggled at Home Depot. His appointment may be the perfect risk to be accepted by Cerberus. Only time will tell. Whatever happens, risk identification and consensus on critical risks should be a starting point for ERM at the level of governance. If Chrysler focuses on the right exposures, it increases the odds to develop the strategies and pursue the performance needed to achieve its goals.
John J. Hampton is the KPMG Professor of Business and Dean of the School of Professional and Continuing Studies and Graduate Business Programs at St. Peter's College in New Jersey. He specializes in business ethics, legal liability and enterprise risk management. He is a former executive director of RIMS.