Last week’s onsite survey at the
2012 Enterprise Risk Management Symposium gathered perspectives from 105 risk managerers and other participants. Here are the final results.
And here are the results of our open-ended question,
“What are the biggest misconceptions about enterprise risk management?”
We asked attendees of the
2012 Enterprise Risk Management Symposium in Washington, D.C., an open-ended question: What do you think is the biggest misconception about enterprise risk management? Here is what they had to say:
It is too complex!
hard to demonstrate value
that an ERM implementation is achievable in finite time
that models need to be complicated
too wishy washy
looking over your shoulder
that it serves as an audit function even though it does more than that
the tool gives specific answers to business questions
it’s about people not exogenous events
that ERM can generate value
the number should say everything
that it is for compliance only
ability to quantify all risks
it’s the process not the result
It can provide THE answer and will address all business issues.
it is a compliance exercise
that it holds us back from a business perspective.
it is one and done
the value of ERM is questionable
that erm takes away the risk
static. not evolving
erm is just meant for risk manager not entire organization.
erm is for calculating capital only
is an independent process
it’s only about economic capital
there are no standards
lack of awareness
it is too complex and costly. Where can I find independent experts to get us started?
theory of risk and light
focus on capital modeling
only management is involved
internal model is erm
that ERM is a compliance exercise
that it is too focused on the downside
it is easy
prevents doing business
negative interpretation of identifying or acknowledging the risks
save the enterprise from failure
just a compliance exercise
we seem to be on right track
difficult to implement
only about downside risk
it is too hard
It will not solve all of the problems immediately.
not considered strategic
too complex for implementation
it is too difficult to implement
one size fits all.
that it is just a bunch of objective formulas
not just about quants, about demonstrating that you can help the business achieve objectives. value add
commitment from senior management
it reduces value
it doesn’t add value.
that ERM is focused on the down side
it is strategic planning in disguise
there is only one right way
staff vs strategic function
risk appetite is easy to set and allocate down to business units
top misconception is that it is a compliance and control process.
only cost, no benefits
silo based misconceptions regarding certain risks (primarily investment, liquidity)
Quantitative models are overrated
that we can predict every risk accurately
That risk can be represented by a purely objective measure.
that it is a cure all
quant exercise only
that it’s a compliance exercise when it can reveal hidden risks and opportunities and increase risk awareness
We’re glad you asked. Alongside several questions about the maturity of enterprise risk management (ERM) models, we’ve been asking attendees at the
2012 ERM Symposium in Washington DC how they would characterize the risk management breakdown that led to the Titanic sinking just over 100 years ago. Here’s what they had to say.
The results from our first 50 enterprise risk management iPad surveys are streaming live at the
Milliman ERM Symposium booth. One of the more intriguing early findings: Two barriers have jumped out as major impediments to ERM success. Risk professionals are asking: How do we measure value? And how do we navigate the complexity of an ERM program?
Anyone interested in participating in the survey or in seeing the full results should visit the Milliman booth.
We received a number of inquiries about the results of our survey at the ERM Symposium in Chicago last week, so we’ve decided to publish the results here. While our survey was hardly scientific, we thought it was interesting to see how attendees view the evolving Enterprise Risk Management landscape, and hope you agree. Our thanks to the many people who took the time to speak with us at the Symposium.
We asked ERM Symposium attendees, “What should every CEO know?” Here are samplings of the answers we have received so far:
There is no free risk
The numbers are only a current estimate
A knowledge of risk is key in knowing the value of the company
Listen to your CRO!
Risk has a value
Decisions can be made
What’s the cost of not doing ERM?
How do risks correlate?
What return should I expect on my ERM investment and how should I go about calculating that return?