I was reading this article from Gary W Patterson called, “Enterprise Risk Management (ERM) Applied to Benefit Operations and Strategic Planning”. In it, Gary, a.k.a the FiscalDoctor™, addresses these five questions about ERM:
1. Does ERM focus only on money?
2. What activities does ERM involve?
3. What are ERM deliverables?
4. How do I know whether our ERM program is a success?
5. How does ERM fit into the goals and structure of the organization?
To see the entire article, click here. For this post, I only want to focus on the response to #4. How do I know whether our ERM program is a success?
Gary answers: “Determining whether an organization’s ERM program is a success is a judgment call. The judgment is based on the effectiveness of the eight ERM activities. Are the program deliverables and risk responses effective?”
While I agree there is some element of “judgment call”, we should be moving away from qualitative measures of success. With my ERM hat firmly on my head at all times, I am also able to squeeze my Six Sigma hat on my noggin. (Six Sigma is a methodology for process improvement with a focus on variability and measurement of defects.) At the heart of every Six Sigma engagement, one measures the current state of a process or output, then makes the improvement, then measures the future state and the difference. Thus, no judgment call but quantified proof.
I submit for an ERM project, one merely has to define some current and future state measures, as this is the sort of thing that Board members or leaders will want to see to compliment the only measure they are likely to focus on: the tens of thousands of dollars spent on consultants with little to show for it in the short-term.
Some examples of measures include: the number of risks identified, key risk indicators defined, action plans outstanding and completed, people trained on ERM, articles published on the Intranet, etc. If you have any more ideas, please leave your comments below.
Perhaps as a profession, risk practitioners need to move more in this direction so our performance can be measured against something tangible, because as discussed in earlier posts, it is difficult to measure success as “nothing bad has happened”.