Here’s an article we do not see very often (read: never). Joseph Allred, a CPA from Texas, writes about the value of ERM in a manufacturing organization. Although the content is consistent with what many of us often write about, I found it refreshing to focus on a non-financial for a change.
The author does articulate his points nicely about the difficulty implementing ERM:
ERM has been difficult to implement primarily because organizations approach it as a massive project. Initially, combining distributed risk management efforts is a big job. It takes time to migrate from the old risk-management model that often involved diverse, independently operated functional areas to one that is holistically managed and owned by a specific functional area.
However, ERM should be a phased, evolutionary process that focuses first on the highest entity-level risks and supporting process-level risks. Using this right-sized method, the effort gradually filters outward through the organization while keeping the scope manageable.
While ERM does not eliminate functional area efforts, a realignment of authority, accountability and responsibility establishes greater risk-management timeliness, consistency, efficiency and effectiveness. The holistic perspective provides the basis for managing risk across the organization, rather than just assessing risk in a vacuum.