Implementing Enterprise Risk Management
Enterprise risk management (ERM) is a complex yet critical issue that all companies must deal with in the twenty-first century. Failure to properly manage risk continues to plague corporations around the world. ERM empowers risk professionals to balance risks with rewards and balance people with processes.
But to master the numerous aspects of enterprise risk management, you must integrate it into the culture and operations of the business. No one knows this better than risk management expert James Lam, and now, with Enterprise Risk Management: From Methods to Applications, he distills more than thirty years' worth of experience in the field to give risk professionals a clear understanding of how to implement an enterprise risk management program for every business.
- Offers valuable insights on solving real-world business problems using ERM
- Effectively addresses how to develop specific ERM tools
- Contains a significant number of case studies to help with practical implementation of an ERM program
While Enterprise Risk Management: From Incentives to Controls, Second Edition focuses on the 'what' of ERM, Enterprise Risk Management: From Methods to Applications will help you focus on the 'how.' Together, these two resources can help you meet the enterprise-wide risk management challenge head on-and succeed.
JAMES LAM is president of James Lam & Associates, a risk management consulting firm. He serves on the board of directors of E*TRADE Financial and chairs the Risk Oversight Committee. An NACD Board Leadership Fellow, he is author of the bestselling risk management title, Enterprise Risk Management.
Implementing Enterprise Risk Management
Confucius said: "I hear and I forget. I see and I remember. I do and I understand."
Indeed, the value of knowledge is not in its acquisition but in its application. I am grateful that I have had opportunities to apply risk management in a wide range of roles throughout my 30-year career in risk management. As a consultant, I've worked with clients with different requirements based on their size, complexity, and industry. As a risk manager, I've implemented enterprise risk management (ERM) programs while overcoming data, technical, and cultural challenges. As a founder of a technology start-up, I've worked with customers to leverage advanced analytics to improve their risk quantification and reporting. In the past four years, as a board member and risk committee chair, I've worked with my board colleagues to provide independent risk oversight while respecting the operating role of management.
These experiences have taught me that knowledge of ERM best practices is insufficient. Value can be created only if these practices are integrated into the decision-making processes of an organization. The purpose of this book is to help my fellow risk practitioners to bridge the gap between knowledge and practical applications.
In my first book, Enterprise Risk Management-From Incentives to Controls (Wiley, 1st edition 2003, 2nd edition 2014), the focus was on the what questions related to ERM:
- What is enterprise risk management?
- What are the key components of an ERM framework?
- What are best practices and useful case studies?
- What are the functional requirements for credit, market, and operational risks?
- What are the industry requirements for financial institutions, energy firms, and non-financial corporations?
In this companion book, the focus is on the how questions:
- How to implement an ERM program?
- How to overcome common implementation issues and cultural barriers?
- How to leverage ERM in all three lines of defense: business and operational units, risk and compliance, and the board and internal audit?
- How to develop and implement specific ERM processes and tools?
- How to enhance business decisions and create value with ERM?
The publication of my first ERM book was one of the most gratifying professional experiences of my career. The book has been translated into Chinese, Japanese, Korean, and Indonesian. It has been adopted by leading professional associations and university programs around the world. On Amazon.com, it has ranked #1 best-selling among 25,000 risk management titles. In a 2007 survey of ERM practitioners in the United States and Canada conducted by the Conference Board of Canada, the book was ranked among the top-10 in ERM books and research papers. In addition, the book has brought me countless consulting and speaking opportunities internationally.
In my travels, risk professionals most often request practical approaches and case studies, as well as best-practice templates and examples that can assist them in their ERM programs. Based on this feedback, I have structured this book to focus on effective implementation of ERM.OVERVIEW OF THE BOOK
This book is organized into seven parts. Part One provides the overall context for the current state and future vision of ERM:
- Chapter 1 introduces the notion that risk is a bell curve. It also lays out the fundamental concepts and definitions for enterprise risk management. We also discuss the business case for, and current state of, the practice of ERM.
- Chapter 2 reviews the key trends and developments in ERM since the 2008 financial crisis, including lessons learned and major changes since that time.
- In Chapter 3, a new performance-based continuous model for ERM is introduced. This new model i