Page 374 - COSO Guidance
4 | Creating and Protecting Value: Understanding and Implementing Enterprise Risk Management
Board guidance published in South Africa offers a quick, useful way to think about the relationship between the board and strategy, risk, performance, sustainability, and value creation. See Example 1 below. The board is responsible for the oversight of the organization’s strategies and their related risks. While it may delegate day-to-day responsibilities to management, it retains ultimate responsibility for oversight seeing that management is achieving the strategy and business objectives. Example 1 also introduces the concept of sustainability, the need for the organization to focus on value creation for the long term not just short-term maximization.

EXAMPLE 1
The Relationship between Strategy, Risk, Performance and Value Creation

The governing body should appreciate that the organization’s core purpose, its risks and opportunities, strategy, business model, performance, and sustainable development are all inseparable elements of the value creation process.

That simple statement and principle encapsulates the thought process underlying the updated COSO guidance namely the importance of linking and aligning strategy, risk, performance, and sustainability to create value and ensure the long-term success of the organization.

Source:
“King IV Report of Corporate Governance for South Africa 2016”
The Institute of Directors in Southern Africa, 2016, Page 40.

Linking the relationship between strategy and risk is beneficial to evaluating which risks are most critical to the organization. There are various levels of severity and impact of risks. ERM helps not only identify risks but also assesses which risks are significant enough to impair the organization’s ability to achieve its objectives. Those are the events and risks related to the core strategies that the organization’s ERM activities must identify and manage to be successful.

ERM helps organizations identify, assess and manage the risks to their strategies. It is a practical way to create and protect value and should be an integral part of the strategy selection process. Understanding the role of ERM is key to avoiding a common mistake many organizations make. ERM is not a separate, stand-alone function but is embedded in the fabric of how the organization sets and monitors its strategies and helps enhance the overall performance of the organization. It also answers a question that some ask, which is “What is the real value of ERM?” If you attempt to answer that question with a separate, not aligned ERM activity, the answer is often unclear. If ERM is understood and positioned as described by COSO, however, the answer becomes clear; its benefit is improved decision making and ultimately improved performance of the organization as it strives to meet its mission and achieve its strategies and business objectives.

Understanding and supporting these objectives for ERM are critical for boards and managements to both help improve their organizations and to understand the benefit and return for an investment in ERM.

EXAMPLE 2

What ERM is
• An ongoing/continuous process
• A way to help create and preserve value
• Includes practices that management puts in place to manage risks
• A process that can be used by organizations of any size
• An aid to making better decisions

What ERM is not
• A separate activity, not coordinated or integrated with strategy setting activities
• A separate staff function or department
• A “to-do” or checklist
• Applicable only to large, public companies
• Simply a listing or inventory of risks
• A solely quantitative exercise
coso.org