-
“How to align Risk management & Human capability”
Risk management shapes our daily lives, from predicting weather to shaping investment portfolios to making social commitments to determining healthy living choices.
Managing risk helps leaders anticipate threats and build control systems to minimize harm. Generally housed in the finance department, enterprise risk managers identify, assess, and prioritize risks. They then develop strategies and processes to reduce the impact of prioritized risks.
While the risk management industry has many models and frameworks for mitigating risks, one of the most widely used is about 40 years old and derived from the Committee of Sponsoring Organizations of the Treadway Commission. The most recent iteration of the COSO framework highlights the importance of embedding business or enterprise risk management (ERM) throughout an organization. It defines four categories of business objectives, eight components of business risk, and four levels of application (figure 1).
The COSO risk framework helps manage overall risk management focusing on sources of risk. A number of reports on sources of risk can be identified and assessed (see figure 2). An ERM team will likely do an annual report to the board or executive committee to identity current risks and then propose control mechanisms to mitigate prioritized risks. As noted in figure 1, the risk management process can be applied at multiple levels throughout the organization.
HR and its contribution to risk management has often been considered a source of risk that affects a company’s ability to meet its strategic and financial obligations. A study by the Economist Intelligence Unit highlighted risks associated with human resource management as a significant threat to global business operation. Another study by the Conference Board classified people and organization risk as the fourth biggest impact on business performance, but the study placed it tenth in terms of how effectively it is measured and managed within the business.