No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Risk

12 Steps to Make ERM a Team Sport

by Gary W. Patterson
March 21, 2016
in Risk
how to make enterprise risk management a team sport

Unless ERM is treated as a team sport, with the company Board fully “on board,” the company will flounder when:

  • Overwhelmed with other issues,
  • Unfamiliar risks related to specific situations occur or
  • The sheriffs in the C-Suite who formerly interacted with the ERM designee Board member view the political risks as too costly to point out the “175-pound gorillas” in the room.

This puts one’s business at risk of a 175-pound gorilla growing into the proverbial 800-pound gorilla or even worse, into 800 dead rats. Before the blink of an eye and with brute strength, that dreaded multimillion-dollar roof comes crashing down.

In real life, there are never enough resources vis-à-vis people, money or time needed to take advantage of the myriad opportunities to solve all of the problems rapidly piling up on one’s desk. So, how does one increase Board and organization involvement in integrating enterprise risk management into the corporate DNA? And where can the right person be found to assist in reaching that goal?

How you might find value for your organization

Fortunately, at the National Association of Corporate Directors Global Board Leaders’ Summit, attending professionals provided generous and timely advice.

They confidentially offered new insights and suggested 12 highly focused steps for organizations in the various phases of transforming ERM into a team sport, requiring only minimal investments of money, people and time.

Review of Rating Scale

Organizations are graded on a level of 1 to 10. At level 1, there is little or no full Board involvement with ERM; all such decisions are delegated to a internal or external risk expert. This is indicative of complete apathy and preference to ignore. At level 10, the opposite end of the scale, Board members are fully engaged and exhibiting a strategic and value-based orientation, as well as enthusiastic ERM buy-in.

Increasing Board participation and engagement in ERM

Three key elements with broad application to some degree include the following:

  • The lower the score, the less risk management function or expertise within the organization. Logically, small cap, middle market or family businesses are less likely to employ a Chief Risk Officer or risk management department.
  • What infrastructure do most organizations have that can be expanded upon at a reasonable cost? Logical starting places include strategic planning, safety, procurement, business continuity and internal audit.
  • Taking into account the wisdom of one’s organizational peers. This type of resource is readily available and the roadmaps listed can be applied to one’s own organization to search for underlying strategic operational issues without spending political capital with colleagues.

The next step is based on the previously calculated business score.

If the organization is between 1 and 3: Do what needs to be done to start the process. Just verbalizing that this can be an issue is a reasonable first step.  Passionate advocates may suggest that the million-dollar blind spot, if found now, may save your company, your job or a friend’s job further down the line.

The top three suggestions for moving forward:

1.      Obtain the CEO’s buy-in for ERM and have them drive accountability.

2.      Create an agenda to address the organization’s top major risks.

3.      Hire an IT Director to search for and resolve seemingly invisible system risks.

If the organization rated between a 4 and 6: Good, why not move toward applying a common-sense orientation to risk management processes to add ROI and move further away from the Sarbox Hell of the prior phase?

The three top suggestions offered to move up:

4.      Align compensation with risk strategy and its execution.

5.      Coordinate a strategy review, with benchmarks, on how to get to conference-winning team sport status.

6.      Finalize resolution of all remaining items from the lowest phase on up.

Once seeing what exists versus needs, consider where can you add some bench strength in areas that may be lacking or decide where and how to outsource to obtain access to specific skill sets that may be limited within your organization.

If the organization rated between a 7 and 9: Going for Great –well done! After a deserved pat on the back, consider how to further improve and receive even more value from balancing risk and reward and expand that lead.

The 3 top suggestions for a first place win:

7.      Maximize the collective wisdom of the team – i.e. through group brainstorming and scenario planning.

8.      Determine if it is necessary for your company to move up to a 10 at this time.

9.      Involve an independent third party who can provide truly objective feedback.

Once the distinction between “what exists” and “what is needed” is made clear, areas requiring some extra bench strength and/or where to outsource to obtain limited access to specific skill sets become clear.

If the organization rated a 10: Golden Great, you are at the top of your game and probably reaping ROI benefits that make the process well worth the effort.

The 3 top suggestions offered to maintain this outstanding status:

10.  Complete the move to a dedicated resource group.

11.  Take ERM to an even higher level by analyzing what or how an outsider could demolish your company.

12.  Invest in compliance software and in a competent team to manage it.

In conclusion, give careful consideration to these proven 12 suggestions and apply those that make the most sense at this point in your organization’s life cycle. After all, taking any of these actions will help make ERM more of a team sport and increase your chances of success.

Portions of this piece were initially shared in Risk & Compliance Magazine and are republished here with the author’s permission.


Previous Post

PWC: SHARE REPURCHASES AND DIVIDENDS

Next Post

The Importance of Understanding Corrupt Intent

Gary W. Patterson

Gary W. Patterson

Gary W. Patterson, president & CEO of FiscalDoctor®, works with leaders who want to uncover their blind spot; before it finds them, so that they can make better decisions. He can also help increase profitability, providing access to 100 best-of-the-best experts who are often better and cheaper than incumbents. Gary can be reached at 678-319-4739 or gary@FiscalDoctor.com.  

Related Posts

kroger

Blocked, Sued and CEO-Less: How Kroger’s Board Must Navigate Triple Crisis

by Conor Johnston
June 9, 2025

Failed mergers often trigger talent exodus and shareholder fury, but strategic refocusing on core competencies can turn regulatory setbacks into...

polluted water

PFAS Reporting Window Delayed, but Waiting to Act on ‘Forever Chemicals’ Could Be Risky

by Cally Edgren
June 9, 2025

Technical issues on government portal give companies short reprieve

money

CCO Salary Increases Cooling Off

by Staff and Wire Reports
June 6, 2025

35% of executives give boards high marks

overwhelming stacks of documents

Why Contract Management Is No Longer Legal’s Problem

by Matt Lhoumeau
June 6, 2025

As companies eliminate dedicated legal departments, contract ownership is shifting to teams that view agreements as business processes, not just...

Next Post
In the world of compliance, proving corrupt intent isn't always easy

The Importance of Understanding Corrupt Intent

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights