An Enterprise Risk Management Program is NOT One-size Fits All

Designing an ERM program involves a lot of experimentation based on your company’s leadership, culture and operations

The board and/or executives have decided to establish an enterprise risk management (ERM) program.  You have been given the responsibility of designing an ERM program for your organization and have established that they are in it for the long-haul.  But where do you start?

There are so many resources (books, articles, webinars) out there, but you are having problems making heads or tails of it.  Much of it sounds like theory or textbook, but how do you know what will work for your organization?

As you read through the multitude of resources, including this article on governance documents, you question and second-guess yourself about so many areas, including:

  • how to engage with people,
  • the ways to identify risk,
  • how to assess the risks,
  • the best way to report risks to executives, and
  • how frequently to talk to people across your company.

“The theory and ideas floating around  sound great on paper, but will they work for me?”

You don’t want your ERM program to be one of those stories:  the program that dies a painful death or is just a check-the-box task.

You know the company – the personalities of the executives, the hectic (or not so hectic) schedules, how people prefer to communicate, and the operations of the company.  Wanting to get it right the first time likely means you are over-preparing.  Just like studying for an exam, there is such a thing as over-preparation or over-planning.

Designing an ERM program is like an experiment – you have to be mentally and emotionally ready to try things that may not work and make adjustments to get the best fit for your company.

designing an ERM program

As you are working to design the program, take a look around the organization to see what other activities related to risk-management are already being done.  Avoid the duplicative efforts.  Identify what is working (and not working) in those processes, and use that information to your advantage!

Ensure you are designing  an ERM program that fits  your organization

Use your knowledge of the organization to your advantage.  Use your network of people across the organization to understand some of the undercurrents.  Get people with influence across the company to buy-in and heartily support the idea of ERM.

Set the expectations from the very beginning, even before you start actually doing risk management.  Make sure to include these points in your messaging and conversations:

  • ERM is a long-term commitment, so don’t expect quick results.
  • Some activities will be experimental, and feedback is requested and appreciated.
  • ERM takes time if it is going to be done right…BUT it can provide so much value!
  • It is not a red-tape activity, not meant to create a bureaucracy, and not to be duplicative.

You and the program will succeed.  Just put on your lab coat, make sure you are ready to adapt on the fly, and get to it.

And remember, if you experience a hiccup or two along the way, a program can have a “reset” time – like discussed in this post – and emerge victorious!

What areas worried you when designing an ERM program and how did you overcome them?

I would love to hear from you.  Please share your thoughts in the comment field below, or join the conversation on LinkedIn.

Do you want someone to guide you through the process?  Are you struggling to get your risk management initiative off the ground or back on track? Contact me to discuss your program today, or continue browsing for more information.

Meme image courtesy of “Toeytoey” via

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Receive Our Weekly Blog Updates

Meet Carol Williams, SDS Founder & Lead Strategist

To our readers:

This blog was launched to provide strategy and risk practitioners with a go-to resource to better guide their efforts within their companies. Thank you for bringing me and my team along to be part of your journey towards better risk management, strategic planning and execution, and overall decision-making. Happy reading!

Find more SDS Insights