Tuesday, February 12, 2019

Updates on Enterprise Risk Management (ERM) by Dr. Salifou

Enterprise Risk Management (ERM) promotes a prospect for conventional risk managers to take on a more strategic role, and assist their enterprise to create value while assimilating all core risks and prospects, both current and emergent. The 2008 financial crisis smashed the global economy poorly, leading to substantial losses for financial institutions like banks and insurance corporations. The downfall of Bear Stearns in March 2008 was a prologue to the financial collapse of the US investment banking system and its subprime mortgage market, as well as the following worldwide economic recession. Also by 2009, about eleven United States banks closed down mostly because of the credit disaster. Additionally, Wall Street’s leading financial companies such as Merrill Lynch and Lehman Brothers were added to this bankruptcy trend (Investment in Trading Advisor, 2008). Though the main upshot in the crisis mainly involved giant name investment banks, the insurance industry was unavoidably damaged by its low investment returns and thoughtless investment activities. For instance, the American International Group (AIG) over-invested in Credit Default Swaps (CDS) that developed in its scandalous US government bailout in September 2008 (Karnitschnig et al., 2008).

In reality, top-down and bottom-up efforts were desirable so that management was able to make strategic decisions based on a more inclusive accepting of a business (Angelina, 2008). Nevertheless, there was a significant opportunity for the Committee of Sponsoring Organizations of the Treadway Commission (COSO) to be redrafted or rephrased in the future. COSO’s 2013 report suggested that ERM could add value to organizations if their decision-makers and employees collaborated to address risk more thoroughly as if they own it. Many arguments started on why enterprise risk management failed in averting financial institutions from plummeting into the 2008 credit black hole.
ERM involves the identification and analyzing of companies’ loss along with their efforts to reduce that loss. Today, ERM and the conventional risk management or traditional risk management are the main risk approaches used by most organizations. Traditional risk management emphasis exclusively on risks and believes risk is an independent hazard. Businesses embracing this method departmentalize the risk accountabilities to diverse managers. Contrasting traditional risk management, ERM actually considers risks as unified and it should be instead integrated in business strategies and decision-making processes.

More researches should take place in order to find out more about why some organizations had implemented ERM while many more simply chose not to. ERM could enable organizations to adopt COSO’s ERM model more effectively, have a better understanding about the overall functions of risk, and a better risk strategy approach. ERM could also enable a better decision-making process and vision for organizational goals, strategy, and competitiveness. Risk is categorized in four components that include market risk, price risk, credit risk, and operational risk. Managing risk is more than just improvement. It is also about perfection or doing the very best. ERM is also about value added to organizations. It is a great vehicle for sophisticated predictions with regards to risk and other major organizational financial forecasts for many organizations within the financial industry.
Early research findings determined that ERM had the potential to enable organizations to minimize risk, increase revenues, and in the long run empower them with a credible competitive advantage. If that were the case, wouldn’t companies benefit from the ERM system by implementing COSO’s suggestions as the financial industries as well as the non-financial industries were experiencing a global economic crisis? Further studies on COSO’s ERM model was absolutely necessary in order to reach a better understanding of ERM concept and its effectiveness with regards to business strategy, competitive advantage, and value. Most organizations’ business strategy to reach their goals more efficiently is done by categorizing their objectives and assigning one or more categories to what is known as business projects. The success of these projects is vital to every organization as they represent the tools or inputs they need in order to accomplish their goals. Project managers usually managed these projects and their fundamental objectives is to ensure the projects success from start to finish. In order to do that and among many other factors that defined project management, project managers should take into consideration one very important aspect of project management, risk planning. The reality is that every project is subject to risk that could negatively or positively impact the project. Failure to capture those risks at an early stage could have tremendous impacts on the project’s outcomes.

That is why every organization/institution/corporation/small business should implement or at least pay very close attention to enterprise risk management.

Daniel A. Salifou, Ph.D.

Tuesday, November 15, 2016


Focus on Risk Management

Risk is really what matters as we make everyday decisions.  Whether it is about our personal life or making business decisions, there is always risk involved that could be beneficial or harmful.  The way we approach personal or business decisions always involves taking risk.  It is therefore, imperative to acknowledge that risk plays a fundamental role in daily decision-making process.  Effective risk management and risk priority management are means to monitor those changes. Decision makers are therefore, better off investing a great amount of time, efforts, and money if necessary to make sure organizations operate at a minimum risk or are capable of taking advantage of risk opportunities. The standards for project management recommended by the Project Management Institute (PMI) should be a universal technique guide for managing and prioritizing project risks. However, as every organization has its uniqueness in terms of the environmental factors, the type of industry it belongs to, or its geographical location, a universal standard may not be the only solution.  My recommendations for changes in techniques for prioritizing project risk are the following:
1.              Research new techniques and approaches that work for other organizations in the same industry.
2.              Experiment the new techniques others have found useful to fit your organization’s environment.
3.              Encourage new ideas and innovations from project team members and other stakeholders.
4.              Through training, reinforce awareness of the role and importance of the impact of an efficient risk management project on the overall project management outputs and the organization.
5.              Strategize to minimize human errors on the job.
6.              Use the Failure Mode and Effects Analysis (FMEA) to monitor and control high risks.
7.              Use hazards analysis to prioritize risks.
Risk priority matrix is developed to simplify qualitative risk assessment, explain each element of the template in terms of how and when it is appropriate to use, provide instructions to potential users, and analyses the strengths and weaknesses of prioritizing project risk.
Risk Priority Matrix’s Template to Simplify Qualitative Risk Assessment
Probability
Threats
0.90
0.05
0.09
0.18
0.36
0.72
0.70
0.04
0.07
0.14
0.28
0.56
0.50
0.03
0.05
0.10
0.20
0.40
0.30
0.02
0.03
0.06
0.12
0.24
0.10
0.01
0.01
0.02
0.04
0.08

0.05
0.10
0.20
0.40
0.80

The risk probability and impact matrix illustrate the fusion of risk impact and probability, and is utilized to decide the relative priority of risks.  Risks that go down into the red-shaded cells of the matrix above are the utmost priority, and should be given the greater part of risk management resources during response planning and risk monitoring and control.  Risks that fall into the yellow-shaded cells of the matrix are the subsequently top priority, followed by risks that fall into the green-shaded cells. The matrix shows the combination of impact and probability that in turn yield a risk priority shown by the red, yellow, and green colored shading. Risk priority is utilized during response planning and risk monitoring and control.  It is critical to understand the priority for each risk as it allows the project team to properly understand the relative importance of each risk.
Risk Probability and Impact Matrix
Probability Category
Probability
Description
Very High
0.90
Risk event expected to occur
High
0.70
Risk event more likely than not to occur
Probable
0.50
Risk event may or may not occur
Low
0.30
Risk event less likely than not to occur
Very Low
0.10
Risk event not expected to occur
 Risk Probability


Very Low
0.05
Low
0.10
Moderate
0.20
High
0.40
Very High
0.80
Cost
Insignificant cost impact
< 10% cost impact
10-20% cost impact
20-40% cost impact
> 40% cost impact
Schedule
Insignificant schedule impact
< 5% schedule impact
5-10% schedule impact
10-20% schedule impact
> 20% schedule impact
Scope
Barely noticeable
Minor areas impacted
Major areas impacted
Changes unacceptable to sponsor
Product becomes effectively useless
Quality
Barely noticeable
Only very demanding applications impacted
Sponsor must approve quality reduction
Quality reduction unacceptable to sponsor
Product becomes effectively useless

During risk analysis the potential likelihood that a given risk will occur is assessed, and an appropriate risk probability is selected. Potentially impacted project areas such as cost, schedule, scope, and quality are major risks that organization should focus on. While conducting a risk analysis, the potential impact of each risk should therefore, be analyzed. Once risks are identified and documented, risk analysis should be performed.  Each potential risk event is analyzed for the probability that the risk will occur and the impact of the risk if it occurs. Impacts can be assessed against project cost, schedule, scope, or quality.  If the risk event affects more than one dimension and the scores are different, the higher impact definition should be utilized. Once the appropriate risk impact and probability are selected, the risk score can be determined. Risk impact analysis can be qualitative or quantitative. Risk analysis should be documented in a “risk register.” The risk priority matrix’s should instruct potential users about risk impact, risk probability, risk matrix score computed by the risk register spreadsheet after impact and probability are entered, and risk priority computed by the risk register spreadsheet after impact and probability are entered. 
 Daniel A. Salifou, Ph. D.
Project Management & Planning Expert
Founder & CEO
DS Concepts Consulting LLC 
Chicago, IL







Wednesday, August 10, 2016

Listen and Learn From Your Peers


Small businesses, and more specifically start-ups like myself with DS Concepts Consulting (DSCC), have to embrace learning from those who have been there before us, and ultimately understand we don’t have to reinvent the wheel.  As a founder and CEO of DSCC, I made it my personal mission to maximize learning from other business leaders by attending and participating in as many leadership conferences / forums as possible. Just recently I attended and participated in the Sage 2016 International Summit at the McCormick Convention Center in Chicago, IL. According to the Sage 2016 website, “Sage Summit is the largest gathering of small and medium businesses in the world. Where business gets personal with celebrated speakers, business experts, tech innovations, mentor and peer networking, in-depth education, interactive training, Sage certification, and off-the-chart experiences.”  In all fairness, the summit was really about sharing one another passion and experiences with building a business and also sharing how to succeed in business. Sage Summit catch phrase for that was “ignite your passion.”
I was able to take many notes reflecting direct quotes from many successful business leaders and celebrities who participated as speakers/presenters/or panelists. My take away includes but is not limited to the following quotes I believe are worth sharing. In other words, attending Sage Summit 2016 allowed me to listen and learn from my peers in the business and leadership community:

"I just knew I didn't want to be poor. I didn't want people to pick on us,” said Robert Herjavec (RH), founder & CEO of Herjavec Group and investor on ABC’s Emmy Award winning hit show Shark Tank.
"Purpose comes from two things; drive or purpose, or being in pain," RH.
"Marketing strategy was my priority for success,” said Daymond John (DJ), founder & CEO of FUBU and star of ABC/s Shark Tank, and CEO of Shark Tank branding.
"Leverage is the greatest business motto. You can't do everything. You have to be great at one thing," RH.
“Culture always trumps strategies,” was a quote used by RH to explain the power of culture in doing business.
"If you own a business as founder, CEO, you are in Sales," RH.
"You don't need money to make money in business," DJ.
"Sale to people what they need/want. It becomes natural," DJ.
"Money is not the main business driver. Creativity/sales/initiatives are what you need most," RH.
"Entrepreneurs take affordable steps to succeed," DJ.
"Don't be a spectator in life," RH. 
 
By Daniel A. Salifou, PhD
Founder & CEO, DS Concepts Consulting LLC
Chicago, IL