Enterprise risk management (ERM) enables an organization to systematically identify, assess and address critical risks. Increasingly, senior leadership teams are expected to drive a culture of risk management in their organizations. In some industries, particularly financial services,some form of ERM activity is a requirement. At CM2 Limited, we believe that well-run businesses will have an ERM activity. We also believe that we can ensure that our clients have ERM activities that are effective at reducing risk. We also focus on ERM solutions that will provide on-going assessments at a reasonable cost.

As businesses around the globe face the impact of the current recession, many leadership teams realize they need to improve their organizational ability to assess and manage risk. Furthermore, investors, lenders,and regulators are increasingly likely to demand better risk management practices. The path to improving risk management in your organization has several key steps – and CM2 can help you plan and execute a strong ERM program.

Our program has several steps:

Market Assessment: Working collaboratively with your staff, we will assess your market position and the risks that result. CM2's leading competitive intelligence skills can also be used to enhance this analysis by providing previously unknown insights for the market assessment.

Key Risk Analysis: Utilizing the market assessment results and the deep reservoir of CM2 experience in multiple industries, we will develop a complete analysis of the key risks your business faces over the long run. This list of risks, usually numbering ten or less, provides the framework for your senior team to assess, monitor, and communicate about risk over time.

Mapping Risk Assessment Needs: CM2 will assist you in determining how risk should be monitored in your organization. Usually, each business unit does its own assessment on a regular schedule. In some cases, however, units are combined, and provisions must be made for capturing risks managed by staff units like finance, legal, or human resources. Agreement on a proper program and the related monitoring of the program is essential to effective ERM.

Risk Identification: Each of the units will work with CM2 staff to assess its activities in two ways, according to the key risks we have agreed upon and also with a focus on the top risk issues facing management. This "dual lens of assessment" helps insure proper identification. Also, the CM2 team will help by bringing its extensive risk and industry experience to bear in efficient review sessions with senior leaders in each unit and for the overall organization.

Risk Assessment and Mitigation: CM2 will share its best practices for assessing risks and planning and executing risk mitigation activities. In some cases, the CM2 competitive intelligence skills can also be used to develop and guide the most effective mitigation tactics.

Education and Cultural Change: CM2 can help senior leaders prepare to lead the cultural change required to become a leader in ERM effectiveness. The teams need to know that ERM is a management priority, and they need to speak in the same terms around risk issues.

Note that the CM2 ERM program is intentionally lean. We believe the most important characteristic of an effective ERM program is identifying and mitigating the most dangerous risks at the lowest possible cost. While our activities are compatible with the software programs and SARBOX reporting efforts prevalent in the industry, we believe that too much emphasis on process and software to collect large amount of risk management data can sink an ERM effort in a sea of minutiae. Our goal is to help you know the risks you face – especially the big ones. We also want to make sure you can address them and avoid them. In the long run, this is critical to your organization achieving its full potential.