Page 70 - IRMSA Risk Report 2020
ALIGNMENT BETWEEN RISK MANAGEMENT AND STRATEGY
1. Expect risk management to fulfil a significant role in strategy setting. This includes context setting, scenario planning and predictive
data analytics.
2. Risk managers should be expected to confidently comment on the performance of an organisation and contribute to the
company’s agility by delivering quality, timeous and relevant information.
3. Critical to integrating a company’s strategy, business objectives and performance with risk management.
4. Insist on a high level of risk expertise across the organisation’s leadership and management structures.
5. All organisational objectives must be subjected to risk assessments.
[Graphs 4: Alignment between risk management and strategy. Four bar charts; each breaks responses down by respondent role on a horizontal axis running from 0% to 100%.]

Respondent roles shown in each chart: Functional Management; Operational Management; Company Secretary; Other Assurance Roles (e.g. Audit, Compliance, Ethics); Risk Consultant/Professional; Risk Practitioner; Risk Manager; Chief Risk Officer/Head of Risk; Chief Operations Officer; Chief Financial Officer; Chief Executive Officer; Non-Executive Director or Committee Member.

DOES YOUR BOARD INCORPORATE RISK MANAGEMENT WHEN SETTING AND EXECUTING STRATEGY?
Response options:
- Yes, they regard it as a key strategic enabler
- They are neutral and will include it if prompted, but will not miss a lack of it either
- They include it only to avoid an audit finding
- Unimportant - it is excluded or an afterthought (to tick the box)

DO ALL AREAS OF YOUR ORGANISATION UNDERSTAND THEIR ROLE IN ACHIEVING BUSINESS OBJECTIVES?
Response options:
- Yes - our strategic objectives are effectively integrated into our operational and functional plans as well as performance agreements
- Yes - divisional, departmental or subsidiary heads share their strategic objectives annually
- Somewhat - we rely on our divisional, departmental and subsidiary heads to determine their own objectives required to achieve the business strategy
- No - our organisation does not actively communicate its strategy and operational / functional teams do as they are told or what they have always done

DOES YOUR EXCO INCORPORATE RISK MANAGEMENT WHEN SETTING AND EXECUTING STRATEGY?
Response options:
- Yes, they regard it as a key enabler in executing strategic and operational objectives
- They are neutral and will include it if prompted, but will not miss a lack of it either
- They will include it only to avoid an audit finding
- Unimportant - it is excluded or an afterthought (to tick the box)

DO ALL AREAS OF YOUR ORGANISATION LINK THEIR RISKS TO THE ACHIEVEMENT OF THEIR BUSINESS OBJECTIVES?
Response options:
- Yes - they clearly define their risks in line with specific objectives for that particular division or department
- Somewhat - they define their risk vaguely in terms of the overall company objectives
- No - they define their risks only in line of their operational needs and not on strategic objectives

GRAPHS 4: ALIGNMENT BETWEEN RISK MANAGEMENT AND STRATEGY.