Effective Risk Management

Uncertainty bounds today’s economy and every organization needs a structured process for effective risk management to sustain with a competitive edge ( K. J., A., V. R. and U., 2017 ). Numerous corporate governance regulations like SOX Act 2002, COSO Enterprise Risk Management Framework 2004, Companies Act 2013 and Clause 49 of SEBI made the existence of a risk management committee mandatory. A risk management committee, a person or a group of persons are required at the top management level for effective risk management. Such individuals are important influencers and play a significant role in the organization. These executives setup the risk management system with the help of other management officials and disseminate the risk information in the organization. It reduces risk information asymmetry among the stakeholders, unites all risk management process in the entire organization, all redundant efforts across departments can be avoided leading to improved organizational efficiency. The committee must possess excellent communication, interpersonal, negotiation and team building skills. Enterprise Risk Management ( ERM ) is found to be proactive, continuous, value-based, focused and process driven activity. The integrated approach of ERM guides management to diagnose risk and evaluate effective strategies for managing the organization’s exposure with its risk requirement.

Risk management is the process by which an organization diagnoses threats, explores alternatives, and alleviates those risks. In today’s dynamic business environment, overseeing risk is a vital and challenging concern for the organization in each sector. Enterprise Risk Management (ERM) embodies a holistic enterprise-wide procedure and control system for diagnosing the effect of the numerous risks such as financial, operational, strategic, compliance, etc. on the organizational objectives and provide solutions to mitigate them. ERM is considered as a major component of successful firms as it enables them to anticipate and mitigate risk through a standard plan. Another important aspect of ERM, which results from risk identification, is the prevention of destruction of shareholder value by protecting assets from bad lower-tail earnings outcomes. High-profile corporate scandals in USA such as Enron and Worldcom followed by encouragement from the New York Stock Exchange (NYSE) and Securities and Exchange Commission (SEC) compelled firms to adopt risk management activities. Various corporate governance stipulates risk management as a mandatory compliance requirement. Firms that embrace ERM possess a long lasting competitive edge by balancing the risk and returns and thus enhancing the firm value.

Organizational uncertainty has become more complicated, the organizational success depends on risk management ( K. J., A., V. R. and U., 2017 ). Effective risk management is beneficial to all organizations irrespective of their size and sector. The benefits include better financial position, the improved basis for setting the strategic objective, greater service delivery, more competitive edge, optimum utilization of resources, more value for money, waste reduction and efficient management of contingencies. The various dimensions of risk management practices such as like financial, operational and strategic have to be well defined to ensure that the firm makes efficient use of risk management approaches. Based on the acceptable level of risk, risk management helps to decide a plan of action. Sarbanes-Oxley Act, 2002 was a response to the corporate scandals of the mid 21st century. It incorporates directions in regards to of Public Company Accounting Oversight Board (PCAOB), auditor autonomy, corporate duty, upgraded monetary divulgences, and corporate and criminal fraud accountability. ERM is a technique that helps to identify, analyse and manage contingencies that could hinder the organization from attaining its goals. For successful ERM, a risk manager should focus on people, intellectual property, brand image, managerial knowledge and skills, the source of profit and business environment. It will help the risk manager to create an awareness of the various risks associated, monitor its vulnerability and change strategies to ensure that the organization faces an only acceptable level of risk. In the long run, this will optimize trade-off between risk and return. a well implemented ERM can create value when it reduced financial distress. ERM doesn’t avoid risk, it helps the management to prepare or prevent the risk and thus enhance maximum firm value.

Efforts to reduce organizational risk through risk management plans and risk mitigation procedures that address external and internal organizational policies, strategies, and decisions, risk mitigation is the process of identifying risks and articulating and introducing measures to reduce them ( Grabowski and Roberts, 1997 ). Organizations and individuals are increasingly part of larger industrial, manufacturing, regulatory, or environmental systems. Large-scale systems are composed of networks of humans and technical resources such as computers, machines, communications equipment that perform tasks, support the missions and goals of more than one organization. A differentiates in large-scale systems from other kinds of groupings is the attention paid to and importance given to interfaces, interconnections, and interdependence between and among system elements. Large complex systems are difficult to comprehend as a whole. The tendency is to decompose or factor them into smaller subsystems, which can lead to the development of a large number of subsystem interfaces. Large tightly coupled systems can also exhibit physical problems associated with resource movement, coordination, and communication. Decoupling tightly coupled system which reduces the need for communication and allows subsystems to communicate with each other on an exception basis, eases some of these problems, but incurs costs. For instance, costs are associated with maintaining decoupling mechanisms like inventories, buffers and waiting lines. Recent advances in information technology have changed perceptions about the capabilities of large-scale systems. Large human-machine intelligent systems now appear in warehousing and materials handling, manufacturing, aerospace process control and air, land and marine transportation. Intelligent subsystems are often embedded in a larger system to formulate and implement decisions made by a computer or by humans to control parts of the larger system. Over time, these systems can develop into decision makers which managers must manage as they do any other system resource. The nature and composition of large-scale systems is also changing. In some systems, boundaries have become more diffuse, and virtual organizations have emerged. These large-scale systems have helped organizations transcend geographical, temporal, size or scope limitations and have changed our notions of organizational behavior and form.

Risk mitigation in increasingly global, multi-organizational, large-scale systems is managed by a variety of owners and operators ( Grabowski and Roberts, 1997 ). Risk reduction mechanisms for such systems are poorly understood by organizational researchers and are probably equally poorly understood by managers. Risk mitigation in virtual organizations is particularly challenging, since these large-scale interdependent systems often fail to articulate their boundaries or the behavior that is expected of their members. clarifying goals and roles in such systems is critical if its members are to understand how their systems are simultaneously autonomous and interdependent. Risk mitigation in such systems involves developing trust and respect in working relationships and in developing the organization’s ability to learn and adapt. Risk mitigating communications serve two purposes in large-scale systems: to clarify roles, goals, relationships, and responsibilities; and to provide a means of developing a culture of trust and shared values.

To be effective, risk mitigation measures in large-scale systems need to address the cultural needs of systems. Risk mitigation in large-scale systems, managers can reduce unintended consequences if they provide safe areas and slack in the system where decision makers can consider, off-line, the potential impacts of their decisions. Another way managers can mitigate risk is by requiring individuals to take responsibility for their actions and to indicate when they are unsure about decisions, situations or other individuals or groups in the system. This concept ties in closely with the need for talk and communication. In distributed decision making settings, articulating responsibility and ownership for outcomes helps mitigating risk because it creates a culture where “”the buck stops everywhere. This concept ties in closely with the need for talk and communication. In distributed decision making settings, articulating responsibility and ownership for outcomes helps mitigating risk because it creates a culture where the buck stops everywhere. Managers can mitigate risk by understanding the dynamics of negotiation and bargaining in a large-scale system, and by working to maintain consistency among beliefs, actions, and decisions throughout all parts of the distributed system. These activities increase organizational vigilance so that members do not become complacent and desensitized to risk. This will insure that the unintended consequences of risk mitigation measures are acted upon quickly.


Grabowski, M., & Roberts, K. (1997). Risk Mitigation in Large-Scale Systems: LESSONS FROM HIGH RELIABILITY ORGANIZATIONS. California Management Review, 39(4), 152-16

K. J., A., & V. R., U. (2017). The Determinants of Firm Value From Enterprise Risk Management Perspective: A Conceptual Model. Journal Of Management Research (09725814), 17(4), 194-203.

Did you like this example?