3 Ways to Mature your ERM Program and Why They’re All Bad

In a nutshell, ERM can be a powerful tool for ensuring executives are making risk-informed decisions and limited resources are being used in the most efficient manner.

Unfortunately, this isn’t something you can simply wish for and it’s done. Getting an ERM program to this point requires time and LOTS of patience and diligence.

There’s no doubt you want to mature your ERM program beyond a simple check-the-box, bureaucratic exercise. You have a few options to help mature your ERM program to protect and create value in your organization.

  1. Do-it-yourself

That’s right – the first option is just go at it alone, which can include one or all of the following:

While the DIY option requires minimal financial investment, it can be very time-consuming with little to show on the back end. How many hours have you spent doing research without getting anywhere?  30, 50, even 75 hours? What is your time worth? 

There are lots of great resources out there, many of which are available for free. The problem is that many resources do a great job of discussing theory but don’t focus so much on real-world application.

Also, taking in all of this information and then figuring out how to apply it to the unique circumstances of your organization (needs, organizational culture) could take years and hours upon hours. It’s safe to assume that you and your company’s leadership don’t want to wait that long.

Now I don’t want to disparage the value of reading and engaging with others because it can be extremely helpful in understanding different perspectives and approaches to ERM. However, when it comes to making real progress on maturing your ERM program, it can be daunting.

  1. Subscribe to a research service or join an organization

The next option available to mature your ERM program involves more financial investment but provides more resources at your disposal.

I’m specifically thinking of research services like CEB and organizations like the Risk and Insurance Management Society (RIMS), but there are others out there. I’m personally a member of RIMS and have previously used CEB.

While I found them helpful in providing information on how other organizations are managing risks to the enterprise, they provide no guidance specific to your organization. As I have explained elsewhere, what works for one organization won’t necessarily work for others. There are too many factors like your industry, organizational structure, culture, and more to consider.

Also, services like the two mentioned above are great information resources, but like option #1, it can be really hard to know how to apply the principles and ideas to your specific situation.  How much money have you spent on books, webinars, and memberships to get over that wall you keep hitting?  Hundreds, if not thousands, of dollars to be given materials that you now have to read and figure out if it is right for your company?

  1. Hire a large consulting firm

Another option you can consider for helping mature your ERM program is to hire a large consulting firm, which is by far the most expensive investment. These consultants come to your company and spend many hours speaking with you and your executives, crafting documents, facilitating meetings, and more.

There’s no doubt that hiring a large consulting firm can move the ball forward, but they do have their drawbacks.

Most consulting firms will employ a standard approach to helping mature your ERM program. While some of the things they propose will work well, there will always be areas that will require a bit more customizing to ensure it fulfills your needs.

And while they’ll certainly do the things mentioned above quite well, is it the right fit for your organization for the long haul?

Remember – ERM isn’t some quick exercise and it’s over. Instead, it requires constant action to ensure you’re properly identifying, assessing, and ultimately managing the right risks.

Also, the cost to hire a team and fly them to your location can easily run into the tens or hundreds of thousands of dollars.  The last thing you want is to spend $50k, $100k, or even $250k just to have the program falter in a year or two because it is not sustainable for your organization.

What steps have you taken to help mature your ERM program? What worked and what didn’t?

Please feel free to share your experience in the comments section below or join the conversation on LinkedIn.

I can speak from personal experience on each of these 3 options since I used them in my former role as an ERM director for a $7+ billion property insurance company. While they were all helpful to a degree, I felt each had their downsides.

That’s why I love my job as a consultant of a boutique ERM firm! Since I am not a part of a large firm dedicated to a certain approach, I can help you develop tailor-made solutions to mature your ERM program. I invite you to reach out to me  to discuss your ERM program and what we can do to move it forward.

After all, we all have goals to achieve this year. Do you have the resources you need to achieve your ERM goals for this year?

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Receive Our Weekly Blog Updates

Meet Carol Williams, SDS Founder & Lead Strategist

To our readers:

This blog was launched to provide strategy and risk practitioners with a go-to resource to better guide their efforts within their companies. Thank you for bringing me and my team along to be part of your journey towards better risk management, strategic planning and execution, and overall decision-making. Happy reading!

Find more SDS Insights