Quick thought of the day: Should the Board of Trustees be included in your ERM Assessment Cycle?
Enterprise Risk Management (ERM) provides reasonable assurance to the university’s management and Board of Directors that the core mission and objectives are achieved. Assessments are completed throughout the university, identifying risks, mitigation steps, and action plans to further the benefit of an ERM program. But, what about the Board of Trustees (BoT)? Should they be included?
According to both Protiviti and the North Carolina State University’s Poole College of Management, the proper placement of the Chief Risk Officer (CRO) is vital to getting the most out of the position. And, we couldn’t agree more. The CRO is charged with many responsibilities, among them the ability to stimulate discussions and think against the grain. In fact, the ERM Initiative Faculty at NCSU state
The old viewpoint that innovation only occurs at growing organizations who take risks has long been dismissed by many leading universities and corporations. However, the idea that enterprise risk management (ERM) can co-exist with innovation, let alone promote and partner with it, is still viewed as polarizing. But, is this accurate?
Enterprise Risk Management (ERM) is often looked at as a way to prevent risks from ever happening. In other words, when the threat occurs, a barricade is in place to prevent any damage from happening. By taking this approach, many strategists will be let down. And wrong.
In today’s Enterprise Risk Management (ERM) world, organizations have learned to focus on the risks that affect their ability to meet goals and objectives. And rightly so; by definition, this is a vital component to successfully operating an ERM program. Having the capability to show executive staff and board members where cracks exist in the foundation, as well as the amount of resources needed to mitigate, prevent, or fix those cracks, is a benefit all companies should instill.
Pressure on the Board of Directors for higher education and corporate America has always been high, but thanks to recent developments in compliance enterprise risk management, Board of Directors are starting to be held personally responsible. According to Steven Minsky, expectations include the choice between proving their risk management programs are effective or disclosing their ineffectiveness to the public. In other words, the ability to claim that they were unaware is no longer a defense.