Trends in enterprise risk management to support greater transparency

In my role at STG I get to see how many organizations are rolling out risk management across their businesses. One trend that's emerging is a definite swing away from taking a specific project or division to focus on as an ERM pilot.

An increased requirement for transparency - evidenced by the recent SEC rule 33-9089 - and a need to risk-adjust business plans and forecasts to aid certainty, means that many organizations are looking at an immediate 'lite-touch', enterprise-wide risk management approach.

You could liken it to taking the pulse of the organization - rather than to giving a top-to-toe examination of just one part of the business - and missing the symptoms elsewhere which might kill you.

The lite-touch approach will provide an enterprise-wide health check relatively quickly which will highlight the areas which need more focus. However it does have implications for information sharing, buy-in and cultural change. But in today's climate this seems like an infinitely sensible approach - as a first step - but you will still need to follow up to join up the top-down and bottom-up to cover all levels in the organization. Only when this is done will you increase the probability of detecting emerging risks.