Chapter 3 ERM at Mars and University of California Paper Chapter 3 presented the approach Mars, Incorporated used to implement ERM, and chapter 5 presented

Chapter 3 ERM at Mars and University of California Paper Chapter 3 presented the approach Mars, Incorporated used to implement ERM, and chapter 5 presented the University of California Health System’s ERM development. In what ways are the two organization’s approaches to ERM similar? How do they differ? Choose one aspect of each ERM implementation from which the other organization would benefit and explain why.

To complete this assignment, you must do the following:

A) As indicated above, describe in what ways the two organization’s approaches to ERM are similar. Also, explain how they differ. Choose one aspect of each ERM implementation from which the other organization would benefit and explain why.

250 – 300 words ENTERPRISE RISK
MANAGEMENT
The Robert W. Kolb Series in Finance provides a comprehensive view of the field
of finance in all of its variety and complexity. The series is projected to include
approximately 65 volumes covering all major topics and specializations in finance,
ranging from investments, to corporate finance, to financial institutions. Each volume in the Kolb Series in Finance consists of new articles especially written for the
volume.
Each Kolb Series volume is edited by a specialist in a particular area of finance, who
develops the volume outline and commissions articles by the world’s experts in
that particular field of finance. Each volume includes an editor’s introduction and
approximately thirty articles to fully describe the current state of financial research
and practice in a particular area of finance.
The essays in each volume are intended for practicing finance professionals, graduate students, and advanced undergraduate students. The goal of each volume is
to encapsulate the current state of knowledge in a particular area of finance so that
the reader can quickly achieve a mastery of that special area of finance.
ENTERPRISE RISK
MANAGEMENT
John Fraser
Betty J. Simkins
The Robert W. Kolb Series in Finance
John Wiley & Sons, Inc.
c 2010 by John Wiley & Sons, Inc. All rights reserved.
Copyright
Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
Published simultaneously in Canada.
No part of this publication may be reproduced, stored in a retrieval system, or
transmitted in any form or by any means, electronic, mechanical, photocopying,
recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the
1976 United States Copyright Act, without either the prior written permission of the
Publisher, or authorization through payment of the appropriate per-copy fee to the
Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923,
(978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests
to the Publisher for permission should be addressed to the Permissions Department,
John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011,
fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: While the publisher and author have used
their best efforts in preparing this book, they make no representations or warranties with
respect to the accuracy or completeness of the contents of this book and specifically
disclaim any implied warranties of merchantability or fitness for a particular purpose. No
warranty may be created or extended by sales representatives or written sales materials.
The advice and strategies contained herein may not be suitable for your situation. You
should consult with a professional where appropriate. Neither the publisher nor author
shall be liable for any loss of profit or any other commercial damages, including but not
limited to special, incidental, consequential, or other damages.
For general information on our other products and services or for technical support,
please contact our Customer Care Department within the United States at (800) 762-2974,
outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats. Some content that
appears in print may not be available in electronic books. For more information about
Wiley products, visit our web site at www.wiley.com.
Library of Congress Cataloging-in-Publication Data:
Fraser, John, 1946–
Enterprise risk management : today’s leading research and best practices for
tomorrow’s executives / John Fraser, Betty J. Simkins
p. cm. – (The Robert W. Kolb series in finance)
Includes index.
ISBN 978-0-470-49908-5 (cloth)
1. Risk management. I. Simkins, Betty J., 1957– II. Title.
HD61.F74 2010
658.15–dc22
Printed in the United States of America
10 9 8 7 6 5 4 3 2 1
Contents
Foreword by Robert S. Kaplan
PART I Overview
1
2
Enterprise Risk Management: An Introduction
and Overview
xix
1
3
What Is Enterprise Risk Management?
Drivers of Enterprise Risk Management
Summary of the Book Chapters
Overview
ERM Management, Culture, and Control
ERM Tools and Techniques
Types of Risks
Survey Evidence and Academic Research
Special Topics and Case Studies
Future of ERM and Unresolved Issues
Notes
About the Editors
3
4
5
5
6
8
10
12
13
15
16
16
A Brief History of Risk Management
19
Introduction
Risk Management in Antiquity
After the Middle Ages
The Past 100 Years
Notes
About the Author
19
19
20
21
28
29
3 ERM and Its Role in Strategic Planning
and Strategy Execution
Rising Expectations for Strategic Risk Management
ERM Positioned as Value-Adding
Board Demands for More Strategic Risk Management
Integrating Risk into Strategic Planning
Recognizing Strategic Business Risk
Evaluating Strategic Business Risk
31
32
33
34
34
35
36
v
vi
Contents
11 Tenets of the Return Driven Framework
Using a Framework to Build a Strategic Risk Management Mindset
Creating a Strategic Risk Mindset and Culture
A Strategic Risk Management Mindset
Recognizing Value of Strategic Risk Management at High-Performance
Companies
Building a Strategic Risk Assessment Process
Strategic Risk Management Processes
Focus on Genuine Assets at Risk
Strategic Risk Management and Performance Measurement
Critical Steps for Value-Added Strategic Risk Management
Conclusion
Notes
About the Authors
4 The Role of the Board of Directors and Senior
Management in Enterprise Risk Management
Introduction
Governance Expectations for Board Oversight of Risk Management
Delegation of Risk Oversight to Board Committees
Formalizing Risk Management Processes
Senior Executive Leadership in Risk Management
The Role of the Internal Audit Function in ERM
External Audit as an Independent Source of Key Risk Identification
ERM Implementation Strategies
Role of the Audit Committee
Role of the Board
Training
Board Composition
Reporting
Compliance
Culture
Conclusion
Notes
37
39
40
40
42
42
43
44
45
47
48
48
50
51
51
52
58
58
60
61
61
62
62
63
64
64
65
66
66
66
67
PART II ERM Management, Culture, and Control
69
5 Becoming the Lamp Bearer: The Emerging Roles
of the Chief Risk Officer
71
The Origins of the CRO
The CRO as Compliance Champion
The CRO as Modeling Expert
The CRO as Strategic Controller
The CRO as Strategic Advisor
Which CRO Role to Play?
Conclusion
Notes
72
75
76
77
78
79
81
82
CONTENTS
6
7
vii
References
Acknowledgments
About the Author
82
85
85
Creating a Risk-Aware Culture
87
The Importance of Culture
Defining Culture
The Goals of Culture
The Importance of Culture
When the Chips Are Down
Culture Can Discourage Good Risk Taking
Elements of a Risk-Aware Culture
Behavioral Elements
Process Elements
How to Create a Risk-Aware Culture
Defining the Elements
Measuring and Monitoring
Involvement and Buy-In
Openness
Tone from the Top
Alignment of Incentives and Rewards—Walking the Talk
What Does Risk Management Have to Do?
Conclusion
References
About the Author
87
87
87
88
88
90
91
91
91
91
91
92
93
93
93
93
94
95
95
95
ERM Frameworks
97
Introduction
Introduction to the ISO Risk Management Framework
Principles of Risk Management and Excellence in Risk Management
Elements of an ERM Framework
ERM Framework: Concept and Elements
Risk Management Process (RMP)
Risk Management Process: Context
Risk Management Process: Risk Assessment
Risk Management Process: Risk Treatment
Risk Management Process: Monitoring and Review
Risk Management Process: Communication and Consultation
Risk Management Process: Recording the Risk Management Process
Mandate and Commitment to the ERM Framework
Rationale for Commitment to ERM
Gap Analysis for ERM
Context for ERM Framework
Design, Decision, and Implementation of the ERM Framework
Risk Management Policy
Policies for the ERM Framework
Policies for Risk Management Decisions
Review of Policies
97
97
99
100
100
102
105
106
109
109
109
110
110
111
111
112
112
113
113
113
117
viii
Contents
Integration of Risk Management and Resources for ERM
Communications, Consultation, and Reporting
Accountability
Continuous Improvement
Conclusion
References
About the Author
8 Identifying and Communicating Key Risk Indicators
Introduction
What Is a Key Risk Indicator?
Definition
Examples of KRIs
Differentiation from Key Performance Indicators
Practical Applications
Validate Organizational Planning and Monitor Performance
Enhance Operational Efficiency and Effectiveness
Clarify Risk-Taking Expectations
Monitor Risk Exposures
Measure Risk
Value of KRIs to Risk Management
Design Principles
Keep the Stakeholders and Objectives in Mind
Leverage Management Insight and Existing Metrics
Have a Good Basic Understanding of the Risks
Limit Indicators to Those That Are Most Representative
Ensure Clarity in What Is Being Measured
Focus More on Objective Measures
Consider the Wider Set of KRIs
Consider the Relative Importance of KRIs
Monitor for Continual Usefulness
Think Longer Term
Implementation Considerations
Obtaining Buy-In
Lack of Resources and Skills
Data and Technology Challenges
Integration with Business Activities
Sustainability of the KRI Framework
Conclusion
Note
Acknowledgment
About the Author
118
119
120
121
122
122
123
125
125
126
126
126
128
129
129
130
131
132
133
134
135
135
135
135
136
136
136
136
136
137
137
137
138
138
138
139
139
139
139
140
140
PART III ERM Tools and Techniques
141
9 How to Create and Use Corporate Risk Tolerance
143
Introduction
What Is Risk Tolerance?
143
144
CONTENTS
Why Is Setting Risk Tolerance Important?
What Are the Factors to Consider in Setting Risk Tolerance?
Attitude About Risk
Goals
Capability to Manage Risk
Capacity to Take Risk
Cost/Benefit of Managing Risk
How Can Your Organization Make Risk Tolerance Useful
in Managing Risk?
Conclusion
Notes
About the Authors
10
11
ix
144
145
146
146
147
149
150
150
152
153
154
How to Plan and Run a Risk Management Workshop
155
Introduction
What Is a Risk Workshop?
Why Use Workshops?
How to Conduct a Risk Workshop
Preparation
Identify the Sponsor
Set the Objectives of the Workshop
Set the Scope
Assemble Reference Materials
Set the Agenda
Decide on Attendees
Arrange Venue
Execution
Facilitate the Workshop
Record the Results
Prepare the Final Report
Techniques for Planning and Facilitating Effective
Risk Workshops
“Anonymous” Voting
Useful Facilitation Tips
Tough Spots
Conclusion
About the Author
155
155
156
156
156
157
158
159
160
162
164
164
165
165
167
167
How to Prepare a Risk Profile
171
Introduction
Definition and Uses of a Corporate Risk Profile
Common Types of Corporate Risk Profiles
The “Top 10” List
The Risk Map
The Heat Map
Advantages and Disadvantages of Information-Gathering
Methodologies
168
168
169
169
170
170
171
171
173
173
173
174
176
x
Contents
How to Prepare a “Top 10” Risk Profile—Hydro One’s Experience
Step 1: Schedule Interviews and Gather Background Information
Step 2: Prepare the Interview Tools
Step 3: Summarize the Interview Findings
Step 4: Summarize the Risk Ratings and Trends
Step 5: Draft the Top 10 Risk Profile
Step 6: Review the Draft Risk Profile
Step 7: Communicate the Risk Profile with the Board
or Board Committee
Step 8: Track the Results
Conclusion
Notes
References
About the Author
12 How to Allocate Resources Based on Risk
Introduction
Risk Policy and a Center of Excellence for Risk Management
Key Policy Elements
Center of Excellence
Translating Strategic Objectives into Risk-Based Concepts
The Consequence Domain
The Probability Domain
The Integration of Business Objectives/Risk Events/Risk Concepts
Risk-Based Business Processes and Organizational Considerations
Risk-Based Business Processes
Organizational Considerations
Concepts, Methods, and Models Enabling Risk Identification,
Evaluation, Mitigation, Prioritization, and Management
The Concept of Evaluation Time Frames
Methods and Models to Quantify the Impact of Risk Events
Prioritization of Investment Proposals
Management of the Portfolio of Preferred Investment Proposals
Information Requirements and Challenges
Operational Risk Assessment Information
Strategic Risk Assessments
Measures of Effectiveness for Continuous Improvement
Conclusion
Notes
About the Author
Appendix 12.A
13 Quantitative Risk Assessment in ERM
Introduction
Risk Assessment: Four Alternative Approaches
Method 1: Active Management of the Largest Risks
Method 2: “High/Medium/Low” Classification of Risks:
The Two-Dimensional Risk Map
176
177
178
181
182
182
184
185
186
186
186
187
188
189
189
191
191
192
192
193
197
198
200
200
204
206
206
207
209
211
211
212
212
213
213
214
216
216
219
219
222
222
224
CONTENTS
Method 3: Risk Assessment Using Refined Classifications:
Refining the Classification
Method 4: Statistical Analysis
Aggregating Probabilities and Impacts
Total Corporate Risk: An Illustration
Incorporating Risk Quantification in the Business Planning Process
Sensitivities and Scenarios
Conclusion
Notes
References
About the Author
PART IV Types of Risk
14
Market Risk Management and Common Elements
with Credit Risk Management
Introduction to Credit Risk and Market Risk
A Taxonomy of Market and Credit Risk
Credit and Market Risk in an ERM Framework
Responding to Credit and Market Risk
The Case for Actively Managing Market Risk
The Case for Not Actively Managing Market Risk
Natural Market Risk Management
Measuring Market Risk
The Markets as Risk Indicators
Measuring Potential Impact
Earnings at Risk
Market Risk Management with Forward-Type Products
Market Risk Management with Option-Type Products
Trade-Offs Between Option Strategies and Forward Strategies
Operational Issues of Using Derivatives
Governance and Oversight of Market Risk Management
Conclusion
Notes
References
About the Author
15
xi
225
229
230
232
233
233
234
235
235
235
237
239
239
240
241
242
243
244
245
246
247
248
249
250
253
255
256
257
259
259
260
260
Credit Risk Management
261
Credit Risk Analysis
Fundamental Analysis of Credit Default Risk (Probability of Default)
Market-Based Analysis of Credit Default Probability
Statistical-Based Models of Credit Risk
Credit Risk Mitigation
An Analysis of the Credit Crisis
Conclusion
Notes
261
263
266
268
269
272
277
277
xii
Contents
References
About the Author
16 Operational Risk Management
Introduction
What Is Operational Risk and Why Should You Care About It?
Is Risk All Bad?
How Do You Assess Operational Risks, Particularly in a Dynamic
Business Environment?
Why You Need to Define Risk Tolerance for Aligned Decision Making
What Can You Do to Effectively Manage Operational Risk?
How Do You Encourage a Culture of Risk Management
at the Operational Level?
How Do You Align Operational Risk Management with Enterprise
Risk Management?
Conclusion
Notes
About the Author
17 Risk Management: Techniques in Search of a Strategy
Introduction
Current Situation
Risk Strategy Framework
Governance
New Directions
Enterprise Risk Management (ERM): The First Step
Enterprise Resilience (ER): The Next Step?
Conclusion
Notes
References
About the Author
18 Managing Financial Risk and Its Interaction
with Enterprise Risk Management
Introduction
What Is Financial Risk and How Is It Managed?
Case 1: Currency Price Risk: The Multinational Corporation
Case 2: Interest Rate Risk: The “Heavy-Debt” Firm
Case 3: Commodity Price Risk: The Firm with a Highly
Volatile Input Cost
Theoretical Underpinnings of Financial Hedging
and Empirical Findings
Hedging Reduces Expected Costs of Financial Distress
and Underinvestment
Hedging Creates More Debt Capacity
Hedging Reflects the Incentives of the Firm’s Management and Board
Does Hedging Affect Firm Value?
277
278
279
279
280
283
284
287
289
296
297
300
301
301
303
303
304
307
312
314
314
315
316
316
318
320
321
321
322
323
324
324
325
325
326
326
327
CONTENTS
Interaction of Financial Hedging with Other Types
of Risk Management
Credit Risk Management
Operational Risk Management
Strategic Risk Management
Reputation and Legal Risk Management
Financial Reporting and Disclosure Risk Management
What Can We Learn About ERM Given Our Knowledge
of Financial Hedging?
Notes
References
About the Author
19
20
21
Bank Capital Regulation and Enterprise
Risk Management
xiii
328
328
329
330
330
331
332
333
333
334
337
Introduction
The Evolution of Bank Capital Requirements
Overview of U.S. Capital Ratios
Basel I
Basel II
Enterprise Risk Management (ERM) and Economic Capital
Conclusion
Notes
References
About the Author
337
337
338
339
341
343
345
346
347
349
Legal Risk Post-SOX and the Subprime Fiasco:
Back to the Drawing Board
351
Introduction
The Legal Framework of Legal and Reputational Risk Management
The Federal Rules of Professional Responsibility for Attorneys
Whistle-Blower Protection Under Sox
Audit Reform
Codes of Conduct
An Assessment of the SOX Framework on Legal
and Reputational Risk
The Subprime Fiasco
The SOX Shortcomings
Toward Optimal Reputational and Legal Risk Management
Conclusion
Note
References
About the Author
351
352
355
357
358
358
Financial Reporting and Disclosure Risk Management
369
The Importance of Disclosure Management and ERM
Foundations in the United States
369
370
359
360
362
363
365
365
365
367
xiv
Contents
Disclosure and Sarbanes-Oxley
New Group for Reporting: Public Company Accounting
Oversight Board
Important SOX Sections
Section 404: Internal Controls and Compliance Management
Section 302: Who Is Responsible for Financial Reporting?
Other Financial Reporting
Accounting for Derivatives—FASB 133
Firm Choice for FASB 133 and Disclosure Risk Management
Risk Identification, Monitoring, and Reporting
Financial Reporting Challenges Today
Paring Down Internal Control: Auditing Standard 5 (AS5)
Global Financial Crisis and ERM
Reexamining Fair Value Accounting: FASB 157
Conflicts with International Standards: Rules versus Principles
Adding ERM to Company Credit Ratings
Conclusion
Notes
References
About the Author
PART V Survey Evidence and Academic Research
22
Who Reads What Most Often?: A Survey of Enterprise
Risk Management Literature Read by Risk Executives
371
371
372
372
372
375
375
375
377
379
379
379
380
381
383
383
383
384
384
385
387
Introduction
Survey Methodology
Survey Results
Survey Respondent Profile
ERM Tools and Techniques Used by Respondents
Most Frequently Read Literature on ERM
Critical Areas of Need
Key Findings of Our Survey
Conclusion
Appendix 22.A: Publications Included in the Survey
Appendix 22.B: Survey Respondents Who Gave Permission
to Be Identified
Notes
References
About the Authors
387
389
390
390
392
396
399
400
402
403
23 Academic Research on Enterprise Risk Management
419
Introduction
Academic Research on Enterprise Risk Management
Colquitt, Hoyt, and Lee (1999)
Kleffner, Lee, and McGannon (2003)
Liebenberg and Hoyt (2003)
410
410
412
416
419
420
425
426
426
24
CONTENTS
xv
Beasley, Clune, and Hermanson (2005a)
Beasley, Clune, and Hermanson (2005b)
Desender (2007)
Beasley, Pagach, Warr (2008)
Pagach and Warr (2008a)
Pagach and Warr (2008b)
Gates, Nicolas, and Walker (2009)
Case Studies on ERM
Harrington, Niehaus, and Risko (2002)
Aabo, Fraser, and Simkins (2005)
Stroh (2005)
Acharyya and Johnson (2006)
Nocco and Stulz (2006)
Conclusion
Notes
References
About the Authors
427
428
429
429
430
431
431
432
432
434
434
435
436
436
437
438
439
Enterprise Risk Management: Lessons from the Field
441
Introduction
Lessons from the ERM Process
Clarifying Strategies and Objectives
Identifying Risks
Assessing Risk
Acting on the Risks
Monitoring Risks
Lessons from Integrating ERM with Ongoing
Management Initiatives
Strategic Planning and ERM
The Balanced Scorecard and ERM
Budgeting and ERM
Internal Auditing and ERM
Business Continuity Planning, Crisis Preparedness, and ERM
Corporate Governance and ERM
Some Key Value Lessons from ERM
Conclusion
Notes
References
Further Reading
About the Authors
441
442
442
443
444
448
449
PART VI Sp…
Purchase answer to see full
attachment