Page 12 - Pharma eZine 140828
P. 12
Imperaive for managing risk in pharma
Dr. Robert Pojasek is the Managing Partner of RL This deiniion clearly places risk in the context of Benchmarking to ISO 31000
Expert Group LLC where he leads an internaional what a corporaion seeks to achieve: its objecives.
sustainability and risk management consuling Risk arises because the corporaion and its value To manage reputaion, a corporaion needs to
pracice. Dr. Pojasek teaches a popular distance chain operate in an uncertain world. Objecives have a coninuous process that supports internal
learning sustainability and risk management are set in the corporaion’s mission statement, changes and decisions and allows it to respond
course at Harvard University. You can reach him but to achieve them the governance must contend well to external changes – especially those
by email at rpojasek@rlexpert.com
with the internal and external context of every emerging stakeholder concerns that can afect its
e“lement in the value chain that it may not control reputaion. For this to take place efecively, the
Evoluion of Enterprise Risk Management
and which generates uncertainty and risk.
corporaions must embed risk management in
their normal business pracices and translate that
A quick scan of the literature reveals a plethora throughout the value chain. Here’s how this can
of aricles writen about risk and the damage that A successful enterprise be accomplished:
can impact a pharmaceuical company’s reputaion
when bad things happen. The pharmaceuical risk management First, all of the risk management iniiaives
industry is highly regulated. This regulaion has can be benchmarked to the ISO 31000 risk
been infused throughout its value chain. As a result, program that spans the management guidance. From this benchmarking
pharmaceuical and other life sciences companies enire value chain will process, the corporaion will be able to design a
focus on processes and controls in place to manage risk management framework to suit its business
risk. This is not risk management!
mean the pharmaceuical processes, structure, risk proile and risk appeite.
industry can be tough
Emphasis on risk management began to shit Second, the corporaion can benchmark all of its
with the advent of enterprise risk management operaing management systems (including the minded about how it can
(ERM) as speciied in regulaions similar to the ERM) to the ISO Consolidated Annex SL format. This
”
Sarbanes Oxley Secion 404 requirements for build and maintain the is the document that all ISO management systems
inancial reporing. This enterprise approach to risk are required to use as part of the revision process.
strong reputaion that it
management elevated the responsibility for risk Three standards have already been released in this
management to the Board of Directors, the Chief format: business coninuity, informaion security
deserves.
Execuive Oicer and the Chief Financial Oicer. and assets management. In 2015, the new quality
The ERM enables the corporate governance to and environmental management systems will
consider the potenial impact of all types of risks be released in the Annex SL format. If all of the
on all processes, aciviies, decisions, products and In the past, risk has been regarded solely as corporaion operaing systems are placed on the
services throughout the value chain. This should idenifying the negaive efects (threats) of same plaform, it is possible to embed the risk
result in enhanced compliance, assurance and uncertainty and seeking to avoid them or sharing management framework in all of these programs.
strategic decision-making.
the risk with others (e.g. insurance).
Third, the corporaion can benchmark how
The deiniion of risk used in the context of the ERM In the internaional risk management standard, operaing management systems are used
examines the possibility that an event will occur it is recognized that risk is indeed a fact of life throughout the value chain. It is essenial to have
and adversely afect the achievement of objecives. that cannot be avoided or denied. With this a risk management framework for the enire
The ERM process is designed to idenify potenial understanding of risk and how it is caused and enterprise that describes the broad strategies to
events that may afect the corporaion, to manage inluenced, it is possible to manage it so that the be pursued to manage reputaion.
risk to be within its risk appeite, and to provide objecives can be achieved. With this knowledge,
reasonable assurance regarding the achievement corporaions might even operate more efecively Conducing these benchmarks can lead to a
of corporate objecives. All eforts are made to and eiciently with improved results.
coninuous process that supports the development
ensure that risk management and internal controls and implementaion of the strategy of the
are fully integrated in the operaing management Risk is implicit in all decisions that are made. How corporaion and builds on what is already in place.
system.
these decisions are made will afect how successful A successful enterprise risk management program
the corporaion can be in achieving its objecives. that spans the enire value chain will mean the
Evoluion of Our Understanding of Risk
In ISO 31000, a risk management framework pharmaceuical industry can be tough minded
becomes a set of components that provide the about how it can build and maintain the strong
From its roots in the early 1990s, an Australian and foundaions and organizaional arrangements for reputaion that it deserves. We are reminded
of the character of Dorothy in the “Wizard of
New Zealand risk management standard (AS/NZS designing, implemening, monitoring, reviewing,
4360) became the catalyst for an internaional risk and coninually improving risk management Oz.” She always had the means of achieving her
management standard – ISO 31000:2009. Risk is throughout the organizaion. This is diferent than objecive (going home). She only needed to efect
deined as “the efect of uncertainty on objecives.”
what is currently done in an ERM.
the strategy to make it happen.
12 INSIGHT
