23-Octubre-2015

Furbi & Friends

Introduction:
On this chapter we will introduce how enterprises are organized in different sections and who is
in charge of taking decisions in each area with the object of understanding management

risk and design effective strategies and policies.

Responsibility of ERM starts at the top, but everybody who maters within an organization should
participate to some extent in ERM.
Other important fact is that CEO get involved in the process since its ultimately responsible
should assume ownership, in other hand we have senior management , inevitably the
responsibility also rest on seniors, so an important key of success is having confidence in senior
management since he identify significant business risk and manage it .
Another important part of success is CIO since ERM solutions is implemented by technology in
various ways. Depending on the complexity and strategic importance of these systems and the
number of internal stakeholders involved, the CIO may play a key role in this transition.
Treasures and insurable manage exposures and uncertainties related to financial and physical
assets on the balance sheet, the prospects for expected future cash flows from business
activities and various contractual obligations.
On other hand, reporting is integral because it drives transparency about risk and risk
management throughout the organization to enable risk assessment, execution of risk
responses and control activities as well as monitoring of performance.
Good governance facilitates implementation of ERM because ERM is built on transparency; an
effectively functioning ERM infrastructure would provide greater confidence to executive
management that risks and opportunities are being systematically identified.
The CRO have the ability to operate effectively and broad understanding of all key areas of the
business executives with at least 12 to 15 years of experience. They possess different skill sets.
The CRO reports to CEO. The CRO must be independent and objective, his or her role

might be as a consultative or authoritarian or both, depending on the risk

area.
The risk management oversight structure, facilitate continuous improvement of the
organization's capabilities around managing its priority risks. Directors and the CEO
balance the organization's risk taking with its risk appetite, but there is not a recommended
organizational model, the application of the COSO illustrate some alternatives, along with the
related benefits and challenges.
According to the COSO it was designed to provide some bases rather than rigid rules, so its
more an art than a science, the key is to build on the existing management structure with out
suffer big changes and dont forget the business model objectives and risk appetite.
We have to identify, in smaller organizations, risk, risk owners and try to approve actions plans
and follow up the results in contrast larger organizations should have a chief risk officer to
provide the diagnostic.
Conclusion:
The most important tags in implementing ERM is to decide the capabilities to manage the risk
with discipline and control another important fact is who will design those capabilities since
management will not make the final decision but it ensures that responsibilities.

23-Octubre-2015
Furbi & Friends