SlideShare une entreprise Scribd logo

Deloitte The Risk Intelligent Board Viewing The World Through Risk Coloured Glasses 12 Pgs 2008

S
sean_coady

A Deloitte publication that Board members have found useful to educate themselves around risk management requirements

BusinessÉconomie & finance
1  sur  12
Télécharger pour lire hors ligne
Risk Intelligence Series Issue No. 12 The Risk Intelligent Board Viewing the World through Risk-Colored Glasses
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses This paper originally appeared in the Winter 2008 issue of Deloitte Review, a semiannual magazine published by Deloitte LLP. For more information, please visit www.deloittereview.com. Disclaimer These materials and the information contained herein are provided by Deloitte Touche Tohmatsu and are intended to provide general information on a particular subject or subjects and are not an exhaustive treatment of such subject(s). Accordingly, the information in these materials is not intended to constitute accounting, tax, legal, investment, consulting, or other professional advice or services. The information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser. These materials and the information contained therein are provided as is, and Deloitte Touche Tohmatsu makes no express or implied representations or warranties regarding these materials or the information contained therein. Without limiting the foregoing, Deloitte Touche Tohmatsu does not warrant that the materials or information contained therein will be error-free or will meet any particular criteria of performance or quality. Deloitte Touche Tohmatsu expressly disclaims all implied warranties, including, without limitation, warranties of merchantability, title, fitness for a particular purpose, noninfringement, compatibility, security, and accuracy. Your use of these materials and information contained therein is at your own risk, and you assume full responsibility and risk of loss resulting from the use thereof. Deloitte Touche Tohmatsu will not be liable for any special, indirect, incidental, consequential, or punitive damages or any other damages whatsoever, whether in an action of contract, statute, tort (including, without limitation, negligence), or otherwise, relating to the use of these materials or the information contained therein. As used in this document, quot;Deloittequot; means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its If any of the subsidiaries. foregoing is not fully enforceable for any reason, the remainder shall nonetheless continue to apply.
Table of Contents The Risk Intelligent Board 1 Viewing the World through Risk-Colored Glasses The Buck Stops...Where? 2 The Risk Intelligent Board 3 Can We Talk? 4 Actions for the Risk Intelligent Board 5 Contacts � Endnotes � iii
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses The Risk Intelligent Board Viewing the World through Risk-Colored Glasses By Stephen Wagner and Maureen Errity Recently, a colleague told us two offbeat and seemingly unrelated wisdom. Yet despite this extraordinary diversity of viewpoints, we stories: believe that every member of the board should don a pair of risk- colored glasses. He said he just had his septic system repaired. Out in the yard, inspecting the work in progress, his contractor pointed to the walls of We expect this tinted eyewear to become increasingly popular. These the freshly excavated pit. “That is some beautiful soil down there,” the days, you can’t even sit on a public company board without giving contractor said. at least cursory attention to risk. The New York Stock Exchange requires the audit committee of all listed companies to annually He then recounted an experience at a recent medical exam. While discuss the company’s financial risk exposures and understand how drawing his blood, the nurse nodded toward his bare forearm. “Those management addresses such risks. Several shareholder ratings services are truly impressive veins you’ve got there,” she said. and institutional investors now include risk management in their corporate evaluations. And, of course, the potential for out-of-pocket We must admit, this coworker had us curious. What could possibly be settlements paid by board members or costly shareholder suits against the point of these strange recollections? the company have driven home the point in boardrooms across the “The point is,” our colleague quickly told us, “that everybody has a land — risk has become personal. view of the world that is shaped by their knowledge and experience. I looked down in that hole and saw rocks and dirt. He looked in and But an annual chat (and perhaps a panicked wallet clutch) does not saw hydraulic gradients and soil permeability. I looked at my arm and constitute what we consider a risk intelligent approach by the board. saw a purplish line. She saw a protuberant median cubital vein with To meet their fiduciary responsibilities, directors must share a common high productivity potential.” vision of risk and adopt a framework to support their risk oversight activities. Unfortunately, today, these elements are lacking at many Ah, we were starting to get it now. Two people can look at precisely companies. the same thing and see something entirely different? This is not to imply that boards are negligent when it comes to risk. “Exactly!” he said. “And that same lesson applies to business. The Quite the contrary; most board members make careful deliberations perspective that you bring to an issue will influence your response to and bring to bear their best judgment. They summon the chief risk, that issue. Your view of the world will profoundly affect your business strategy, and audit executives, along with the external auditor and decisions.” others who manage exposures to risk and related policies, to appear “OK,” we said gamely, knowing we were being set up. “And exactly before the board. They listen to presentations, ask tough questions, how do you look at business issues?” and review reports. “I look at all business issues through the same lens,” he said. “The Laudable but, unfortunately, insufficient. What is lacking is a context lens of risk.” for understanding the issues. The board has nothing to benchmark against; directors have no process or framework in place to allow them to take an independent, objective view. As a result, they are left grappling with risk on an almost intuitive level, an ad hoc approach Analyze the demographics of most corporate boards and you’ll find that allows issues to slip through the cracks. And, as has been a heterogeneous collection of exceptional talent. The skills members demonstrated countless times, when risks are not managed properly, bring to the table reflect a wealth of experience, knowledge, and bad things almost inevitably happen. 1
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses The Buck Stops …Where? Boards are under pressure — regulatory, legal, fiduciary, stakeholder risk burdens, but rather makes sure these groups attend to their risk — to oversee the risk management activities of the company. But responsibilities by providing a coordinating and harmonizing function. many board members are unsure how to approach their risk-related When the risk management structure is optimized, every board responsibilities. They are uncertain about roles and delineation of committee will have risk on its agenda. Financial risk falls within the responsibility. They wonder where to start and how to bring all the domain of the audit committee; compensation risks, the compensation disparate pieces together. committee; and succession risk, the nominating committee. (Note, In fact, many options are open to companies as they develop a however, that overall succession planning responsibility usually framework for managing risk. One of the earliest questions that must rests with the full board, with the nominating committee often be addressed: Where does risk oversight belong at the board level? taking a lead role in beginning the diligence process.) Each of these Companies have tried myriad approaches, each of which offers pluses committees, in turn, reports back to the full board, which processes and minuses: the information to develop a full-spectrum picture of risk. And, finally, the loop is closed when the full board addresses risk issues with 1. Keep risk responsibilities at the full board level. This approach management on a regular basis. gives risk issues a broad and thorough airing for the entire board membership. However, it can also be unwieldy and inefficient to get Thus, in companies large and small, the buck stops with the full board. into detailed risk considerations with the full body. But the currency can pass through many hands along the way. 2. Delegate overall risk responsibilities to the audit committee. This is a seemingly logical choice. But in the Sarbanes-Oxley era, the audit “...many board members are unsure how to approach their risk-related responsibilities. They are uncertain about roles and deline- ation of responsibility. They wonder where to start and how to bring all the disparate pieces together.” committee may be the most overworked of all board committees. Financial risk is already on its agenda, as is the less-clear-cut financial risk oversight required by NYSE listing standards. Piling on operational, strategic, and enterprise-wide risks may present an undue burden that could result in insufficient oversight. 3. Create a risk management committee. This option represents a good choice for many companies (including our parent organization, Deloitte LLP, which recently created a risk committee of its own). Many financial services companies maintain dedicated risk committees; they are less common, but not unheard of, in other industries. Full boards with large memberships are more likely to spin off separate risk committees; smaller boards tend to retain risk oversight within their own ranks. Of course, creating a risk committee is no panacea. In fact, it can be counterproductive if other board committees get the notion that their risk problems are solved because the risk committee is on the job. The risk committee does not relieve other board committees of their 2
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses The Risk Intelligent Board influence analysts’ assessments of cash flows, impact ratings, and, ultimately, affect shareholder value. Thus, he made the radical decision to sell off his mature-but-still-profitable divisions and search for new businesses that were complementary but had greater growth potential. “...an annual chat (and perhaps a panicked wallet clutch) does not constitute what we consider a risk-intelligent approach by the board. To meet their fiduciary responsibilities, directors must share a common vision of risk and need a framework to support their risk oversight activities.” Of course, the CEO had to convince the board of the wisdom of What is the most important function of the board? Many board the strategy, which proved a hard sell. Like many, this board was a members and board watchers would contend it is overseeing the conservative group whose view of risk was limited to the protection development of corporate strategy. Indeed, no other activity — except of existing assets, not intelligent risk-taking for reward. Ultimately, the possibly the selection of the chief executive — exerts such a potentially CEO presented a persuasive case and the board agreed to the move. profound impact on the long-term fortunes of the company. Both the board and the executive took some heat from shareholders Case in point: We are acquainted with the CEO of a large financial and analysts, but they proved prescient over the long haul. Jettisoning publisher consisting of a parent company and several divisions. When several demonstrated “golden geese” and replacing them with an he was hired several years back, he took over a solid company that unproven flock had the potential to lay an egg. The strategy worked, had enjoyed many successive quarters in the black. He could have just reenergizing stock value and doubling the company’s share price ridden out the wave for a few more years and, chances are, his board over a several-year period. With its board educated on the merits of and shareholders would have been just fine with that. intelligent risk-taking for reward, the company avoided a likely period But this CEO knew that standing pat was risky in itself. He evaluated of slow decline and instead ushered in an era of sustainable growth. the long-term growth potential of the company and determined that Unfortunately, many boards have not yet attained this enlightened many of its divisions were mature and incapable of sustaining double- perspective. Historically, if the board considered risk at all, it was of digit growth rates. He also knew that a growth slowdown would the value-protection variety, manifested in insurance policies, currency hedges, futures contracts, and the like. There is nothing wrong with this focus; it is a critical function of the board. But it represents a “half “...creating a risk committee is no panacea. a loaf” approach. Done properly, risk management oversight includes In fact, it can be counterproductive if other addressing risks to the achievement of long-term strategy. And for any company that hopes to compete and grow, long-term strategy involves board committees get the notion that their risk-taking for reward. risk problems are solved because the risk The active pursuit of risk is essential — calculated risk-taking is a committee is on the job.” fundamental precept of capitalism. Without risk-taking, the prospect of innovation diminishes, competitive advantage evaporates, and, with it, shareholder value. The board must be involved. 3
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses Can We Talk? One way the board can get involved is quite simple — talk it up. Merely putting risk on the agenda for discussion starts a process that will spur creative thinking and generate illuminating discourse. Whether the initial conversation takes place at a committee level, at the full board level, or both is not as important as getting the discussion started. The topic of risk should be placed on the full board meeting agenda on a regular basis, perhaps several times per year. And it will play an important role in board strategy retreats. (Obviously, risk will show up with greater frequency on the committee agendas.) By broaching the risk discussion at the board level, one pervasive problem is immediately confronted — the tendency for risk management activities to take place in “silos.” Most companies spread risk management across the organization. Treasury manages credit risk; IT oversees technology and information risk; facilities handles real property risk. This level of specialization is essential to effective risk management. But problems can arise if these risk specialists remain in isolation, never venturing from their bunkers. Among the potential concerns: the “big picture” remains out of focus; disparities arise in the terminology used to talk about risk and the metrics used to measure it; and risks in combination and cascading risk scenarios don’t enter into the discussion. To combat these problems, the board can act as a catalyst to bridge the silos. By bringing various risk managers into the same room to present their perspectives and strategies on risk, the board is creating an environment that will jump-start a collaborative and synchronized approach to risk management. 4
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses Actions for the Risk Intelligent Board Here are several additional steps you and your board can take along 4. Think about your risk framework. Don’t address risk in an ad hoc the path to Risk Intelligence: manner. Make sure there is an appropriate framework over which the risk governance activities occur. Tools that may prove helpful 1. Broaden your view of risk. Don’t limit your deliberations to fraud are the COSO ERM framework2 and Deloitte’s Risk Intelligence prevention, inventory protection, IT security, and the like. These Framework. are all important items, to be sure, but they are more related to “survive” than to “thrive.” Embrace the concept of Risk Intelligence 5. Line up with management. Work in synch, not at odds. Make sure to attain a proper balance between value protection and value that management is aligned and coordinated with the board’s point creation. Read our foundational whitepaper on the topic: “The Risk of view on risk. Require of management the legwork necessary to Intelligent Enterprise™: ERM Done Right1.” support the board’s desire for the highest and most practical level of risk governance achievable3. 2. Take a hard look at the board. Evaluate the risk governance structure within the board and its committees. Determine to what 6. Assess risk performance. Assure there are periodic, independent extent risk oversight is occurring. Assess whether the board’s assessments to evaluate the effectiveness of the full risk approach is practical and responsive to the challenge. Bring in management program. It is the board’s duty to determine whether internal audit or an outside party to assist with the assessment. risk processes are as rigorous as they can be. After all, you don’t want to first learn of shortcomings when the mother of all risks 3. Don’t underestimate the challenge. Your work as a board member lands on your doorstep and you didn’t see it coming. does not begin and end with the risk report. Rather, it requires a commitment of your time and intellect to understand the issues Finally, as an aid to “seeing it coming,” don’t forget that essential and activities that underlie the report. Your board should engage in fashion accessory. Get yourself a pair of risk-colored glasses — and a meaningful dialogue around risk overstatement and understatement few extra pairs for your fellow board members. — that is, consider if your company is overly risk averse — and at the same time, determine if you have sufficient coverage in the areas of risk exposure. 5
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses Contacts Endnotes Stephen Wagner 1. This and other risk-related titles may be downloaded at no charge at Managing Partner www.deloitte.com/RiskIntelligence. U.S. Center for Corporate Governance 2. “Enterprise Risk Management — Integrated Framework,” Deloitte & Touche LLP The Committee of Sponsoring Organizations of the Treadway +1 617 437 2200 Commission, www.coso.org. swagner@deloitte.com 3. For more information, see our Risk Intelligence title focused on Maureen Errity the chief information officer and the chief audit executive at Director www.deloitte.com/RiskIntelligence. U.S. Center for Corporate Governance Deloitte LLP +1 212 492 3997 merrity@deloitte.com 6
The Risk Intelligent Board Viewing the World through Risk-Colored Glasses
#8222 About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms. © 2008 Deloitte Touche Tohmatsu. All rights reserved.

Recommandé

6th Securitylitigation Dpt
6th Securitylitigation Dpt6th Securitylitigation Dpt
6th Securitylitigation DptDhaval Thakur
 
2007 FPA Symposium
2007 FPA Symposium2007 FPA Symposium
2007 FPA SymposiumPreethi Parmar
 
Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Enterprising Non-Profits
 
IRM Risk Leaders Conference
IRM Risk Leaders ConferenceIRM Risk Leaders Conference
IRM Risk Leaders Conferencemurray3675
 
Sf 2009 Agenda
Sf 2009 AgendaSf 2009 Agenda
Sf 2009 Agendajeewayk
 
Due Diligence And Liability For Non Executive Board Members
Due Diligence And Liability For Non Executive Board MembersDue Diligence And Liability For Non Executive Board Members
Due Diligence And Liability For Non Executive Board MembersCyril Soeri
 
Deepwater: Business Ethics Simulation
Deepwater: Business Ethics SimulationDeepwater: Business Ethics Simulation
Deepwater: Business Ethics Simulationwaynebuck
 
Managing Human Risk
Managing Human RiskManaging Human Risk
Managing Human RiskMuschara Error Management Consulting, LLC
 

Recommandé

6th Securitylitigation Dpt
6th Securitylitigation Dpt6th Securitylitigation Dpt
6th Securitylitigation DptDhaval Thakur
 
2007 FPA Symposium
2007 FPA Symposium2007 FPA Symposium
2007 FPA SymposiumPreethi Parmar
 
Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Enterprising Non-Profits
 
IRM Risk Leaders Conference
IRM Risk Leaders ConferenceIRM Risk Leaders Conference
IRM Risk Leaders Conferencemurray3675
 
Sf 2009 Agenda
Sf 2009 AgendaSf 2009 Agenda
Sf 2009 Agendajeewayk
 
Due Diligence And Liability For Non Executive Board Members
Due Diligence And Liability For Non Executive Board MembersDue Diligence And Liability For Non Executive Board Members
Due Diligence And Liability For Non Executive Board MembersCyril Soeri
 
Deepwater: Business Ethics Simulation
Deepwater: Business Ethics SimulationDeepwater: Business Ethics Simulation
Deepwater: Business Ethics Simulationwaynebuck
 
Managing Human Risk
Managing Human RiskManaging Human Risk
Managing Human RiskMuschara Error Management Consulting, LLC
 
Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Franco Ferrario
 
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...ThistlePraxis Consulting Limited
 
FSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoVFSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoVFrederic Girardeau-Montaut
 
Deloitte_Risk Sensing
Deloitte_Risk SensingDeloitte_Risk Sensing
Deloitte_Risk SensingFrederic Girardeau-Montaut
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Managementfrancjohn
 
deloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlands
deloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlandsdeloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlands
deloitte-nl-risk-cyber-value-at-Risk-in-the-NetherlandsDominika Rusek
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarAviva Spectrum™
 
Operational Risk Management
Operational Risk ManagementOperational Risk Management
Operational Risk Managementarsqureshi
 
ISO 27005 Risk Assessment
ISO 27005 Risk AssessmentISO 27005 Risk Assessment
ISO 27005 Risk AssessmentSmart Assessment
 
Risk assessment principles and guidelines
Risk assessment principles and guidelinesRisk assessment principles and guidelines
Risk assessment principles and guidelinesHaris Tahir
 
Risk Management Framework
Risk Management FrameworkRisk Management Framework
Risk Management FrameworkAnand Subramaniam
 
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)NAFCU Services Corporation
 
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas FinalBehavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Finalksteadman
 
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...Resolver Inc.
 
Risk Dashboard
Risk Dashboard Risk Dashboard
Risk Dashboard Michel Rochette
 
Fact Newsletter September 2011
Fact Newsletter September 2011Fact Newsletter September 2011
Fact Newsletter September 2011syosko
 
Irm Risk Appetite
Irm Risk AppetiteIrm Risk Appetite
Irm Risk AppetiteHassan Zaitoun
 
Guiding Principles for Cyber Risk Governance
Guiding Principles for Cyber Risk GovernanceGuiding Principles for Cyber Risk Governance
Guiding Principles for Cyber Risk GovernanceDavid X Martin
 
Managing Risk in Uncertain times
Managing Risk in Uncertain timesManaging Risk in Uncertain times
Managing Risk in Uncertain timesChris Fletcher
 
LEVICK Weekly - Mar 22
LEVICK Weekly - Mar 22LEVICK Weekly - Mar 22
LEVICK Weekly - Mar 22LEVICK
 
Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Enterprising Non-Profits
 
Risk Forum For Attendees
Risk Forum For AttendeesRisk Forum For Attendees
Risk Forum For AttendeesRichard Anderson
 

Contenu connexe

En vedette

Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Franco Ferrario
 
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...ThistlePraxis Consulting Limited
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Managementfrancjohn
 
deloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlands
deloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlandsdeloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlands
deloitte-nl-risk-cyber-value-at-Risk-in-the-NetherlandsDominika Rusek
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarAviva Spectrum™
 
Operational Risk Management
Operational Risk ManagementOperational Risk Management
Operational Risk Managementarsqureshi
 
Risk assessment principles and guidelines
Risk assessment principles and guidelinesRisk assessment principles and guidelines
Risk assessment principles and guidelinesHaris Tahir
 

En vedette (11)

Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry Risck intelligence in the energy and resources industry
Risck intelligence in the energy and resources industry
 
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...
Tackling the Corporate Governance Debacle & Institutionalising BUsiness Ethic...
 
FSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoVFSI_Third Party Risk Management_Deloitte PoV
FSI_Third Party Risk Management_Deloitte PoV
 
Deloitte_Risk Sensing
Deloitte_Risk SensingDeloitte_Risk Sensing
Deloitte_Risk Sensing
 
Project Risk Management
Project Risk ManagementProject Risk Management
Project Risk Management
 
deloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlands
deloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlandsdeloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlands
deloitte-nl-risk-cyber-value-at-Risk-in-the-Netherlands
 
Risk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches WebinarRisk Assessments Best Practice and Practical Approaches Webinar
Risk Assessments Best Practice and Practical Approaches Webinar
 
Operational Risk Management
Operational Risk ManagementOperational Risk Management
Operational Risk Management
 
ISO 27005 Risk Assessment
ISO 27005 Risk AssessmentISO 27005 Risk Assessment
ISO 27005 Risk Assessment
 
Risk assessment principles and guidelines
Risk assessment principles and guidelinesRisk assessment principles and guidelines
Risk assessment principles and guidelines
 
Risk Management Framework
Risk Management FrameworkRisk Management Framework
Risk Management Framework
 

Similaire à Deloitte The Risk Intelligent Board Viewing The World Through Risk Coloured Glasses 12 Pgs 2008

A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)NAFCU Services Corporation
 
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas FinalBehavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Finalksteadman
 
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...Resolver Inc.
 
Fact Newsletter September 2011
Fact Newsletter September 2011Fact Newsletter September 2011
Fact Newsletter September 2011syosko
 
Guiding Principles for Cyber Risk Governance
Guiding Principles for Cyber Risk GovernanceGuiding Principles for Cyber Risk Governance
Guiding Principles for Cyber Risk GovernanceDavid X Martin
 
Managing Risk in Uncertain times
Managing Risk in Uncertain timesManaging Risk in Uncertain times
Managing Risk in Uncertain timesChris Fletcher
 
LEVICK Weekly - Mar 22
LEVICK Weekly - Mar 22LEVICK Weekly - Mar 22
LEVICK Weekly - Mar 22LEVICK
 
Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Enterprising Non-Profits
 
Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...
Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...
Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...FERMA
 
The Imperatives of Investment Suitability
The Imperatives of Investment SuitabilityThe Imperatives of Investment Suitability
The Imperatives of Investment Suitabilityfinametrica
 
Extended Enterprise : Managing risk in complex 21st century organisations IRM...
Extended Enterprise : Managing risk in complex 21st century organisations IRM...Extended Enterprise : Managing risk in complex 21st century organisations IRM...
Extended Enterprise : Managing risk in complex 21st century organisations IRM...IRM India Affiliate
 
Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0Amrut Joshi
 
Sap 2009 06 02 Risk Management
Sap 2009 06 02 Risk ManagementSap 2009 06 02 Risk Management
Sap 2009 06 02 Risk ManagementPierre Harboun
 
Managingintoughtimes
ManagingintoughtimesManagingintoughtimes
ManagingintoughtimesVoscur Staff
 

Similaire à Deloitte The Risk Intelligent Board Viewing The World Through Risk Coloured Glasses 12 Pgs 2008 (20)

A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
A Bridge Too Far? Risk Appetite, Governance and Corporate Strategy (Whitepaper)
 
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas FinalBehavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
Behavioral Economics At Work Nunnally, Steadman, Baxter Las Vegas Final
 
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...
Risk Reimagined! Series- The Importance of People and Culture to Effective Ri...
 
Risk Dashboard
Risk Dashboard Risk Dashboard
Risk Dashboard
 
Fact Newsletter September 2011
Fact Newsletter September 2011Fact Newsletter September 2011
Fact Newsletter September 2011
 
Irm Risk Appetite
Irm Risk AppetiteIrm Risk Appetite
Irm Risk Appetite
 
Guiding Principles for Cyber Risk Governance
Guiding Principles for Cyber Risk GovernanceGuiding Principles for Cyber Risk Governance
Guiding Principles for Cyber Risk Governance
 
Managing Risk in Uncertain times
Managing Risk in Uncertain timesManaging Risk in Uncertain times
Managing Risk in Uncertain times
 
LEVICK Weekly - Mar 22
LEVICK Weekly - Mar 22LEVICK Weekly - Mar 22
LEVICK Weekly - Mar 22
 
Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)Social Enterprise Learning Toolkit (Risk Management Module)
Social Enterprise Learning Toolkit (Risk Management Module)
 
Risk Forum For Attendees
Risk Forum For AttendeesRisk Forum For Attendees
Risk Forum For Attendees
 
Geoff hoad
Geoff hoadGeoff hoad
Geoff hoad
 
Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...
Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...
Risk Governance Conference - Board Governance and Emerging Risks in the 21st ...
 
The Imperatives of Investment Suitability
The Imperatives of Investment SuitabilityThe Imperatives of Investment Suitability
The Imperatives of Investment Suitability
 
#Kdk At εεχμτ 2010 12 03 V10
#Kdk At εεχμτ 2010 12 03 V10#Kdk At εεχμτ 2010 12 03 V10
#Kdk At εεχμτ 2010 12 03 V10
 
Risk govjuly2012
Risk govjuly2012Risk govjuly2012
Risk govjuly2012
 
Extended Enterprise : Managing risk in complex 21st century organisations IRM...
Extended Enterprise : Managing risk in complex 21st century organisations IRM...Extended Enterprise : Managing risk in complex 21st century organisations IRM...
Extended Enterprise : Managing risk in complex 21st century organisations IRM...
 
Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0Thoughts on Direction of Ops Risk Management -V4 0
Thoughts on Direction of Ops Risk Management -V4 0
 
Sap 2009 06 02 Risk Management
Sap 2009 06 02 Risk ManagementSap 2009 06 02 Risk Management
Sap 2009 06 02 Risk Management
 
Managingintoughtimes
ManagingintoughtimesManagingintoughtimes
Managingintoughtimes
 

Dernier

Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...lizamodels9
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadAyesha Khan
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Timedelhimodelshub1
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...ssuserf63bd7
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCRashishs7044
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy Verified Accounts
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 

Dernier (20)

Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Time
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...International Business Environments and Operations 16th Global Edition test b...
International Business Environments and Operations 16th Global Edition test b...
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
8447779800, Low rate Call girls in Uttam Nagar Delhi NCR
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail Accounts
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 

Deloitte The Risk Intelligent Board Viewing The World Through Risk Coloured Glasses 12 Pgs 2008

  • 1. Risk Intelligence Series Issue No. 12 The Risk Intelligent Board Viewing the World through Risk-Colored Glasses
  • 2. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses This paper originally appeared in the Winter 2008 issue of Deloitte Review, a semiannual magazine published by Deloitte LLP. For more information, please visit www.deloittereview.com. Disclaimer These materials and the information contained herein are provided by Deloitte Touche Tohmatsu and are intended to provide general information on a particular subject or subjects and are not an exhaustive treatment of such subject(s). Accordingly, the information in these materials is not intended to constitute accounting, tax, legal, investment, consulting, or other professional advice or services. The information is not intended to be relied upon as the sole basis for any decision which may affect you or your business. Before making any decision or taking any action that might affect your personal finances or business, you should consult a qualified professional adviser. These materials and the information contained therein are provided as is, and Deloitte Touche Tohmatsu makes no express or implied representations or warranties regarding these materials or the information contained therein. Without limiting the foregoing, Deloitte Touche Tohmatsu does not warrant that the materials or information contained therein will be error-free or will meet any particular criteria of performance or quality. Deloitte Touche Tohmatsu expressly disclaims all implied warranties, including, without limitation, warranties of merchantability, title, fitness for a particular purpose, noninfringement, compatibility, security, and accuracy. Your use of these materials and information contained therein is at your own risk, and you assume full responsibility and risk of loss resulting from the use thereof. Deloitte Touche Tohmatsu will not be liable for any special, indirect, incidental, consequential, or punitive damages or any other damages whatsoever, whether in an action of contract, statute, tort (including, without limitation, negligence), or otherwise, relating to the use of these materials or the information contained therein. As used in this document, quot;Deloittequot; means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its If any of the subsidiaries. foregoing is not fully enforceable for any reason, the remainder shall nonetheless continue to apply.
  • 3. Table of Contents The Risk Intelligent Board 1 Viewing the World through Risk-Colored Glasses The Buck Stops...Where? 2 The Risk Intelligent Board 3 Can We Talk? 4 Actions for the Risk Intelligent Board 5 Contacts � Endnotes � iii
  • 4. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses
  • 5. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses The Risk Intelligent Board Viewing the World through Risk-Colored Glasses By Stephen Wagner and Maureen Errity Recently, a colleague told us two offbeat and seemingly unrelated wisdom. Yet despite this extraordinary diversity of viewpoints, we stories: believe that every member of the board should don a pair of risk- colored glasses. He said he just had his septic system repaired. Out in the yard, inspecting the work in progress, his contractor pointed to the walls of We expect this tinted eyewear to become increasingly popular. These the freshly excavated pit. “That is some beautiful soil down there,” the days, you can’t even sit on a public company board without giving contractor said. at least cursory attention to risk. The New York Stock Exchange requires the audit committee of all listed companies to annually He then recounted an experience at a recent medical exam. While discuss the company’s financial risk exposures and understand how drawing his blood, the nurse nodded toward his bare forearm. “Those management addresses such risks. Several shareholder ratings services are truly impressive veins you’ve got there,” she said. and institutional investors now include risk management in their corporate evaluations. And, of course, the potential for out-of-pocket We must admit, this coworker had us curious. What could possibly be settlements paid by board members or costly shareholder suits against the point of these strange recollections? the company have driven home the point in boardrooms across the “The point is,” our colleague quickly told us, “that everybody has a land — risk has become personal. view of the world that is shaped by their knowledge and experience. I looked down in that hole and saw rocks and dirt. He looked in and But an annual chat (and perhaps a panicked wallet clutch) does not saw hydraulic gradients and soil permeability. I looked at my arm and constitute what we consider a risk intelligent approach by the board. saw a purplish line. She saw a protuberant median cubital vein with To meet their fiduciary responsibilities, directors must share a common high productivity potential.” vision of risk and adopt a framework to support their risk oversight activities. Unfortunately, today, these elements are lacking at many Ah, we were starting to get it now. Two people can look at precisely companies. the same thing and see something entirely different? This is not to imply that boards are negligent when it comes to risk. “Exactly!” he said. “And that same lesson applies to business. The Quite the contrary; most board members make careful deliberations perspective that you bring to an issue will influence your response to and bring to bear their best judgment. They summon the chief risk, that issue. Your view of the world will profoundly affect your business strategy, and audit executives, along with the external auditor and decisions.” others who manage exposures to risk and related policies, to appear “OK,” we said gamely, knowing we were being set up. “And exactly before the board. They listen to presentations, ask tough questions, how do you look at business issues?” and review reports. “I look at all business issues through the same lens,” he said. “The Laudable but, unfortunately, insufficient. What is lacking is a context lens of risk.” for understanding the issues. The board has nothing to benchmark against; directors have no process or framework in place to allow them to take an independent, objective view. As a result, they are left grappling with risk on an almost intuitive level, an ad hoc approach Analyze the demographics of most corporate boards and you’ll find that allows issues to slip through the cracks. And, as has been a heterogeneous collection of exceptional talent. The skills members demonstrated countless times, when risks are not managed properly, bring to the table reflect a wealth of experience, knowledge, and bad things almost inevitably happen. 1
  • 6. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses The Buck Stops …Where? Boards are under pressure — regulatory, legal, fiduciary, stakeholder risk burdens, but rather makes sure these groups attend to their risk — to oversee the risk management activities of the company. But responsibilities by providing a coordinating and harmonizing function. many board members are unsure how to approach their risk-related When the risk management structure is optimized, every board responsibilities. They are uncertain about roles and delineation of committee will have risk on its agenda. Financial risk falls within the responsibility. They wonder where to start and how to bring all the domain of the audit committee; compensation risks, the compensation disparate pieces together. committee; and succession risk, the nominating committee. (Note, In fact, many options are open to companies as they develop a however, that overall succession planning responsibility usually framework for managing risk. One of the earliest questions that must rests with the full board, with the nominating committee often be addressed: Where does risk oversight belong at the board level? taking a lead role in beginning the diligence process.) Each of these Companies have tried myriad approaches, each of which offers pluses committees, in turn, reports back to the full board, which processes and minuses: the information to develop a full-spectrum picture of risk. And, finally, the loop is closed when the full board addresses risk issues with 1. Keep risk responsibilities at the full board level. This approach management on a regular basis. gives risk issues a broad and thorough airing for the entire board membership. However, it can also be unwieldy and inefficient to get Thus, in companies large and small, the buck stops with the full board. into detailed risk considerations with the full body. But the currency can pass through many hands along the way. 2. Delegate overall risk responsibilities to the audit committee. This is a seemingly logical choice. But in the Sarbanes-Oxley era, the audit “...many board members are unsure how to approach their risk-related responsibilities. They are uncertain about roles and deline- ation of responsibility. They wonder where to start and how to bring all the disparate pieces together.” committee may be the most overworked of all board committees. Financial risk is already on its agenda, as is the less-clear-cut financial risk oversight required by NYSE listing standards. Piling on operational, strategic, and enterprise-wide risks may present an undue burden that could result in insufficient oversight. 3. Create a risk management committee. This option represents a good choice for many companies (including our parent organization, Deloitte LLP, which recently created a risk committee of its own). Many financial services companies maintain dedicated risk committees; they are less common, but not unheard of, in other industries. Full boards with large memberships are more likely to spin off separate risk committees; smaller boards tend to retain risk oversight within their own ranks. Of course, creating a risk committee is no panacea. In fact, it can be counterproductive if other board committees get the notion that their risk problems are solved because the risk committee is on the job. The risk committee does not relieve other board committees of their 2
  • 7. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses The Risk Intelligent Board influence analysts’ assessments of cash flows, impact ratings, and, ultimately, affect shareholder value. Thus, he made the radical decision to sell off his mature-but-still-profitable divisions and search for new businesses that were complementary but had greater growth potential. “...an annual chat (and perhaps a panicked wallet clutch) does not constitute what we consider a risk-intelligent approach by the board. To meet their fiduciary responsibilities, directors must share a common vision of risk and need a framework to support their risk oversight activities.” Of course, the CEO had to convince the board of the wisdom of What is the most important function of the board? Many board the strategy, which proved a hard sell. Like many, this board was a members and board watchers would contend it is overseeing the conservative group whose view of risk was limited to the protection development of corporate strategy. Indeed, no other activity — except of existing assets, not intelligent risk-taking for reward. Ultimately, the possibly the selection of the chief executive — exerts such a potentially CEO presented a persuasive case and the board agreed to the move. profound impact on the long-term fortunes of the company. Both the board and the executive took some heat from shareholders Case in point: We are acquainted with the CEO of a large financial and analysts, but they proved prescient over the long haul. Jettisoning publisher consisting of a parent company and several divisions. When several demonstrated “golden geese” and replacing them with an he was hired several years back, he took over a solid company that unproven flock had the potential to lay an egg. The strategy worked, had enjoyed many successive quarters in the black. He could have just reenergizing stock value and doubling the company’s share price ridden out the wave for a few more years and, chances are, his board over a several-year period. With its board educated on the merits of and shareholders would have been just fine with that. intelligent risk-taking for reward, the company avoided a likely period But this CEO knew that standing pat was risky in itself. He evaluated of slow decline and instead ushered in an era of sustainable growth. the long-term growth potential of the company and determined that Unfortunately, many boards have not yet attained this enlightened many of its divisions were mature and incapable of sustaining double- perspective. Historically, if the board considered risk at all, it was of digit growth rates. He also knew that a growth slowdown would the value-protection variety, manifested in insurance policies, currency hedges, futures contracts, and the like. There is nothing wrong with this focus; it is a critical function of the board. But it represents a “half “...creating a risk committee is no panacea. a loaf” approach. Done properly, risk management oversight includes In fact, it can be counterproductive if other addressing risks to the achievement of long-term strategy. And for any company that hopes to compete and grow, long-term strategy involves board committees get the notion that their risk-taking for reward. risk problems are solved because the risk The active pursuit of risk is essential — calculated risk-taking is a committee is on the job.” fundamental precept of capitalism. Without risk-taking, the prospect of innovation diminishes, competitive advantage evaporates, and, with it, shareholder value. The board must be involved. 3
  • 8. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses Can We Talk? One way the board can get involved is quite simple — talk it up. Merely putting risk on the agenda for discussion starts a process that will spur creative thinking and generate illuminating discourse. Whether the initial conversation takes place at a committee level, at the full board level, or both is not as important as getting the discussion started. The topic of risk should be placed on the full board meeting agenda on a regular basis, perhaps several times per year. And it will play an important role in board strategy retreats. (Obviously, risk will show up with greater frequency on the committee agendas.) By broaching the risk discussion at the board level, one pervasive problem is immediately confronted — the tendency for risk management activities to take place in “silos.” Most companies spread risk management across the organization. Treasury manages credit risk; IT oversees technology and information risk; facilities handles real property risk. This level of specialization is essential to effective risk management. But problems can arise if these risk specialists remain in isolation, never venturing from their bunkers. Among the potential concerns: the “big picture” remains out of focus; disparities arise in the terminology used to talk about risk and the metrics used to measure it; and risks in combination and cascading risk scenarios don’t enter into the discussion. To combat these problems, the board can act as a catalyst to bridge the silos. By bringing various risk managers into the same room to present their perspectives and strategies on risk, the board is creating an environment that will jump-start a collaborative and synchronized approach to risk management. 4
  • 9. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses Actions for the Risk Intelligent Board Here are several additional steps you and your board can take along 4. Think about your risk framework. Don’t address risk in an ad hoc the path to Risk Intelligence: manner. Make sure there is an appropriate framework over which the risk governance activities occur. Tools that may prove helpful 1. Broaden your view of risk. Don’t limit your deliberations to fraud are the COSO ERM framework2 and Deloitte’s Risk Intelligence prevention, inventory protection, IT security, and the like. These Framework. are all important items, to be sure, but they are more related to “survive” than to “thrive.” Embrace the concept of Risk Intelligence 5. Line up with management. Work in synch, not at odds. Make sure to attain a proper balance between value protection and value that management is aligned and coordinated with the board’s point creation. Read our foundational whitepaper on the topic: “The Risk of view on risk. Require of management the legwork necessary to Intelligent Enterprise™: ERM Done Right1.” support the board’s desire for the highest and most practical level of risk governance achievable3. 2. Take a hard look at the board. Evaluate the risk governance structure within the board and its committees. Determine to what 6. Assess risk performance. Assure there are periodic, independent extent risk oversight is occurring. Assess whether the board’s assessments to evaluate the effectiveness of the full risk approach is practical and responsive to the challenge. Bring in management program. It is the board’s duty to determine whether internal audit or an outside party to assist with the assessment. risk processes are as rigorous as they can be. After all, you don’t want to first learn of shortcomings when the mother of all risks 3. Don’t underestimate the challenge. Your work as a board member lands on your doorstep and you didn’t see it coming. does not begin and end with the risk report. Rather, it requires a commitment of your time and intellect to understand the issues Finally, as an aid to “seeing it coming,” don’t forget that essential and activities that underlie the report. Your board should engage in fashion accessory. Get yourself a pair of risk-colored glasses — and a meaningful dialogue around risk overstatement and understatement few extra pairs for your fellow board members. — that is, consider if your company is overly risk averse — and at the same time, determine if you have sufficient coverage in the areas of risk exposure. 5
  • 10. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses Contacts Endnotes Stephen Wagner 1. This and other risk-related titles may be downloaded at no charge at Managing Partner www.deloitte.com/RiskIntelligence. U.S. Center for Corporate Governance 2. “Enterprise Risk Management — Integrated Framework,” Deloitte & Touche LLP The Committee of Sponsoring Organizations of the Treadway +1 617 437 2200 Commission, www.coso.org. swagner@deloitte.com 3. For more information, see our Risk Intelligence title focused on Maureen Errity the chief information officer and the chief audit executive at Director www.deloitte.com/RiskIntelligence. U.S. Center for Corporate Governance Deloitte LLP +1 212 492 3997 merrity@deloitte.com 6
  • 11. The Risk Intelligent Board Viewing the World through Risk-Colored Glasses
  • 12. #8222 About Deloitte Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu and its member firms. © 2008 Deloitte Touche Tohmatsu. All rights reserved.