Enterprise Risk and Opportunity Management

Concepts and Step-by-Step Examples for Pioneering Scientific and Technical Organizations

Allan S. Benjamin

About This Book

Risk management strategy for the pioneering technological sector

Enterprise Risk and Opportunity Management provides much-needed guidance tailored specifically to the technological sector. While most enterprise risk management guides are written for traditional businesses and finance firms, this book translates effective enterprise risk and opportunity management (EROM) principles into strategies and practices that work for government, nonprofit, and for-profit organizations in the technological space. The methods were originally designed for noncommercial pioneering enterprises like NASA, and an entire chapter is now devoted to applying them to profit-making technological enterprises.

A 40-year veteran of the tech sector, Dr. Allan Benjamin outlines risk management strategies for organizations in which the advancement and integration of science and technology within complex systems is necessary for accomplishment of the mission. Commercial EROM strategies do not translate directly when the development and implementation of risky technologies is the organization's primary objective, and clumsy or near-sighted implementation can easily cripple progress. This book provides authoritative guidance tailored to the sector's specialized needs.

  • Maximize opportunity while effectively managing risk
  • Understand the core principles of the technological EROM approach and its interfaces with the management of the organization
  • Comprehend the intricacies of aggregating risks and opportunities from lower to higher levels of the organization
  • Gain expert insights specific to the technology sector
  • Mitigate and control the risk that comes with pursuing discovery

In practice, EROM in this sector involves working with mostly qualitative data, and is characterized by high uncertainty. Managing risk without handicapping the organization requires a specific set of adjustments to traditional EROM, and a more nuanced approach to the idea of "acceptable risk." Balance is key in technological EROM, and Enterprise Risk and Opportunity Management provides foundational guidance, real-world strategy, and enlightening examples for getting it right.

Information

Publisher: Wiley
Year: 2017
ISBN: 9781119318712
Edition: 1
Subtopic: Finance

Chapter 1
An EROM Primer for Organizations Concerned with Technical Research, Integration, and Operations (TRIO Enterprises)

1.1 EROM Scope and Objectives for TRIO Enterprises

1.1.1 What Is EROM?

Enterprise risk and opportunity management (EROM) refers to the methods and processes used by organizations to manage risks and seize opportunities related to the achievement of their objectives. It is a means by which organizations identify and implement their strategic goals, objectives, and priorities, subject to imposed constraints, through a process of strategic planning, execution, and performance evaluation.
Quoting from a report by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission (2004), “Enterprise risk management encompasses:
  • “Aligning risk appetite and strategy—Management considers the entity's risk appetite in evaluating strategic alternatives, setting related objectives, and developing mechanisms to manage related risks.
  • “Enhancing risk response decisions—Enterprise risk management provides the rigor to identify and select among alternative risk responses—risk avoidance, reduction, sharing, and acceptance.
  • “Reducing operational surprises and losses—Entities gain enhanced capability to identify potential events and establish responses, reducing surprises and associated costs or losses.
  • “Identifying and managing multiple and cross-enterprise risks—Every enterprise faces a myriad of risks affecting different parts of the organization, and enterprise risk management facilitates effective response to the interrelated impacts, and integrated responses to multiple risks.
  • “Seizing opportunities—By considering a full range of potential events, management is positioned to identify and proactively realize opportunities.
  • “Improving deployment of capital—Obtaining robust risk information allows management to effectively assess overall capital needs and enhance capital allocation.”
The overall objectives of EROM are to facilitate the successful development of the strategic plan, to promote an overall best approach for implementing the plan, and to evaluate performance with respect to the plan. The means for doing this is to seek an optimal balance between minimizing the potential for loss (risk) while maximizing the potential for gain (opportunity) with respect to the organization's overall mission. The focus on the overall mission is the reason for the “E” in “EROM.” It implies an integration of risk and opportunity management over all programs, projects, initiatives, and activities in the organization's portfolio. Achievement of an optimal balance implies the involvement of the decision maker(s) in setting maximum tolerable levels for risk, minimum desirable levels for opportunity, and the trade-offs between them.

1.1.2 Why Is EROM Important to TRIO Enterprises?

Organizations that perform pioneering technical work must continually assess whether their strategic objectives continue to be achievable as conditions evolve, whether the balance between the risks and the opportunities has changed with time so as to require a recalibration of the strategic plan or a reassessment of how it is being implemented, and whether the funding agencies have introduced new requirements or constraints that need to be addressed.
For example, NASA, in response to new directions advocated by the executive branch of the US government, announced its intentions in 2013 to embark on new space exploration missions that necessitate a change in philosophy from strict risk minimization to a balanced combination of risk control and opportunity exploitation. This direction was enunciated in the following statements made by NASA Administrator Charles Bolden in a letter addressed to all NASA employees (Bolden 2013):
…throughout our history NASA's explorer spirit has led us deeper into the unknown where we continue to learn as much from our failures as our successes. One of the things that impress me most about our workforce is the willingness of so many to dream big, think outside the box, and take risks We have to be willing to do daring things. Put another way, risk intolerance is a guarantee of failure to accomplish anything of significance [emphasis is the Administrator's].
…As long as we ensure that our people are protected we can manage and tolerate failures as part of the price of progress As we prepare to undertake the many challenges offered in the President's 2014 budget for our agency, I ask you to continue to think about how we can identify and seize opportunities to make progress quickly and affordably, identify and manage risks, learn fast and adapt our plans to take the next steps. While we do this, we must constantly balance our risks and rewards and always, always put the lives and safety of our people first.
This change in philosophy has infused not only NASA but also other TRIO enterprises. Because of it, there is a need to expand our thinking regarding enterprise risk management from one that is centered on reducing risks to one that includes recognizing, cultivating, and exploiting opportunities. EROM is a rational, structured approach toward reaching an optimal balance between minimizing the potential for loss (risk) while maximizing the potential for gain (opportunity).
Finally, EROM is important to government technical organizations because the July 2016 update of OMB Circular A-123 specifically requires that all federal agencies use enterprise risk management as an integral part of deriving, implementing, and managing internal controls.

1.1.3 What Kinds of Risk and Opportunity Are Considered within EROM for TRIO Enterprises?

EROM in general is concerned with the enterprise-wide management of strategic and performance risks, which for purposes of this book are characterized as follows:
  • Strategic risk refers to shortfalls in the ability of an organization to adequately achieve the long-term goals of its stated mission. In part, strategic risk may be equated with the potential for an organization to fail in accomplishing one or more of its strategic objectives. Inferentially, it additionally includes the potential for an organization to fail to formulate its strategic objectives in a manner that best serves its overall mission.
  • Performance risk refers to shortfalls in the ability of an organization to achieve its shorter-term performance plan. Performance risk in part concerns the potential for an organization to fail to accomplish one or more of the performance objectives in its performance plan. It additionally includes the potential for an organization to fail to formulate its performance objectives in a manner that best serves its strategic objectives.
Strategic and performance risks are considered to consist of the enterprise-wide aggregation of several categories of risk, including (for purposes of this book) program/project risks, institutional risks, requirement risks, and reputational risks. These risk categories may be defined as follows (COSO 2004; International Standards 2008; NASA 2008, 2016a):
  • Program/project risk is the potential for performance shortfalls, which may be realized in the future, with respect to achieving explicitly established and stated program/project performance requirements. Performance shortfalls for programs/projects may be related to any or all of the following mission execution domains: safety, technical, cost, and schedule.
  • Institutional risk concerns risks to infrastructure, information technology, resources, personnel, assets, processes, occupational safety, environmental management, or security. They affect capabilities and resources necessary for mission success, including institutional flexibility to respond to changing mission needs and compliance with external requirements such as government regulations.
  • Requirement risk is the risk of not satisfying the requirements of the organization's stakeholders and regulators. Requirements to be satisfied may include environmental safety and health (ES&H) protection, protection against fraud and misconduct, equal opportunity and other labor requirements, and in the case of federal agencies, federal mandates directed at achieving specific goals in the areas of public education, international cooperation, and commercial partnerships.
  • Reputational risk concerns risks that could jeopardize the viability of the organization, and includes risks to financial health, legal risks, and public confidence risks. The latter category includes the risk of a catastrophic accident or other high-profile loss attributable to mismanagement or malfeasance.

1.1.4 How Does EROM for Nonprofit and Government TRIO Enterprises Differ from EROM for Typical Commercial Enterprises?

The last 10 to 15 years have seen a steadily expanding development of processes and standards for conducting EROM within commercial enterprises, for example, COSO (2004) and ISO-31000 (2008). While these frameworks have undoubtedly provided impetus for the acceptance and practice of EROM, they have tended to emphasize monetary risks and opportunities as would be paramount for profit-making companies. EROM to this point has been used less widely for nonprofit or government TRIO enterprises. For EROM to be effective at such enterprises, it must focus on the...
