Board agendas are getting reset to accommodate deep discussions on Risk Management.
Five key themes are emerging:
– Can the COSO framework 2019 be raised to the level of a global acceptance to measure the internal preparedness of all major entities to determine their own stance on risk and opportunities management?
– Can mind-sets be altered to get ideas of abundance, exponential thinking, transformational purpose and world altering actions in a risk adjusted manner?
– Shouldn’t all Internal Auditing and control practices pivot to Cyber Security and ESG considerations?
– Can the training of all Risk Management personnel be raised to Level 5 in the prescribed hierarchy of International Risk Management Institute? Will this would guarantee an organisation wide understanding of endogenous and exogenous causes of Risk and a choice of mitigation measures that are effective as preventatives?
– Is reporting on Risk Management an idea whose time has come?
The obvious answer to all these questions is a resounding YES. What is critical is to have a road map to install risk management systems, set up risk guard rails, measure and track the effectiveness of controls, prioritise the installation of systems and processes, present the framework and action plans to the Audit committee or the Risk Management Committee and to actually simulate all risk events becoming visible in the external environment to determine whether any of the weak controls visible can affect the enterprise. This outside in, systematic process is leading to great value addition to many large enterprises.
Regulators like the RBI are insisting on a robust risk management infrastructure, technology adoption, identified, high level leadership, organisational clout and a constant raising of the bar. All other regulators, including SEBI, IRFA, PFRDA and MCA are equally emphasising the need and desirability of a robust Risk Assessment and Management process. With this regulatory thrust and the volunteerism on boards, the activity is gaining the high importance that it deserves.
It is essential that the framework, platforms, benchmarks and simulations be deployed at scale to enhance the earnings of Corporate India and to protect the substrates that will protect the business models of the existing enterprises. New startups must be born risk-effective as much as they are born digital. It is in this new world where the Institute of Risk Management will lead you to a professional pathway in ERM (Level 1 onwards) to Certified Fellow (Level 5).
Blog Author: Shailesh Haribhakti, Chairman, Shailesh Haribhakti & Associates, Strategic Advisory Board Member, IRM India