ExampleBoardRiskReporting-RIMS.ppt

Board Risk Oversight Improvement ERM: required and also increases value, lowers earnings volatility, leads to better decisions, improves reputation… Governance metrics are used by analysts, viewed by the market, bad/good news, impact the ability to attract board members We have governance metrics and board assessment but not BRO metrics or assessment Board Risk Oversight Improvement Benchmark, review, improve ERM and BRO BRO Methods BRO assessment and self-assessment BRO metrics and questions Board Risk Oversight Improvement NACD 10 Deloitte 20/21 BRO 30 (Walker et al. 2012) RCC 27 (Walker et al. 2014) Board Risk Oversight Tool In recent work the authors found that the number one tool used by companies to manage risk is not some sophisticated modeling tool or even a risk assessment exercise. Instead, the number one tool preferred by many companies is to have a conversation about risks with management, and with and among the board. The tool presented here is not meant to replace that conversation, but should be used to ignite that conversation. For each question for which the board believes there is a lack of consensus, the board should have a discussion about why they are not following this practice. In some cases, the questions are rooted in mandated regulations. In other cases, they are considered a best practice by many companies and by the research team. * Confidential; not for distribution Tool The board and the organization have a rigorous strategic plan which incorporates all major and emerging risks. The board is comfortable that management has identified all enterprise level risks. The board has a clearly defined risk oversight process and has clearly established risk responsibility. The organization has a CRO or ERM leader with direct line reporting to the board or a respective board committee. The board quarterly reviews risk maps, risk dashboards, or related risk reporting. The board and organization go beyond risk maps and generate risk action pl