Explaining the Why of Enterprise Risk Management

During the North Carolina State University’s ERM Roundtable Summit this fall, one of the topics of conversation focused on how to involve more people from across the organization in ERM. During this discussion, we were all asked, “how many of you have talked extensively about ‘what ERM is’ and explained ‘we are conducting surveys, interviews, and then assessing the risks…’?” All of the hands went up.

Then, “how many have actively explained the ‘why of ERM’ for your organization?”

The answer: very few.

Then it occurred to me…I have talked extensively about the “what” of enterprise risk management (ERM) when I explained the differences between traditional risk management and ERM. And there are a multiple of “how to” resources on various topics, like risk identification, risk assessment, and using ERM to support strategy.

And I have even explained some of the “why of ERM” to you.

But what we haven’t talked about is this concept: ERM is like an internal consulting department within your organization. So instead of treating yourself like another employee or your ERM team as just another department, think of ERM like this…

You have to convince the other departments that they need the services of ERM and the value ERM can bring to them.

The reality is that you have to think about what they want to get from you, not necessarily what you want to “sell” or think they should want to “buy.” This can be a difficult reality for ERM professionals, especially since there is usually one standard process that you use across the entire organization. Another way to think about your standard process is this: you can use variations of this process, but you explain it to the department based on their pain points.

For example, if they are struggling with inefficient processes and need more people, tell them that ERM can help look at those processes and the risks they are addressing. This assistance can help determine if the processes are even needed, which would free up those people’s time for other, more valuable activities.

Another hard reality: departments will not want to work with you if they cannot relate to you.

Have you focused on building relationships with contacts in those departments? Relationships are hugely important but are often overlooked within the risk management field.

Does your ERM team have the right personalities to do the wide variety of tasks related to ERM? If your team is full of analysts but not someone comfortable talking with people or presenting information to executives, then ERM could be suffering unintentionally.

When you talk to people, show your enthusiasm for ERM. Talk about more than why ERM is important to the organization. Talk about why you are passionate for ERM. Make it personal to make that connection. A key piece of advice – ask them about themselves. Why do they do what they do? What do they love about their job? What are their biggest challenges?

The answers to these questions will give you some guidance as to how you should talk about ERM with them.

How have you “sold” ERM within your organization?

I’m interested to hear about your experiences, so please feel free to leave a comment below or join the conversation on LinkedIn.

And if your organization needs assistance in expanding the outreach of ERM, please contact me to discuss your situation today.

Featured image courtesy of “Fletcher6” via Wikimedia Commons

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Receive Our Weekly Blog Updates

Meet Carol Williams, SDS Founder & Lead Strategist

To our readers:

This blog was launched to provide strategy and risk practitioners with a go-to resource to better guide their efforts within their companies. Thank you for bringing me and my team along to be part of your journey towards better risk management, strategic planning and execution, and overall decision-making. Happy reading!

Find more SDS Insights