CHAPTER 25

Dashboard Reporting

One of the key objectives of enterprise risk management (ERM) is to promote risk transparency, both in terms of internal risk reporting and external public disclosure. The old adage what gets measured gets managed holds true in risk management. A 2011 Deloitte study of approximately 1,500 cross-industry executives indicated that 86 percent of survey respondents identified “risk information reporting” as of high or moderate priority, making it the most highly prioritized of 13 risk initiative options. The second and third most prioritized initiatives were “risk data quality and management” at 76 percent and “operational risk measurement system” at 69 percent.1 This study clearly demonstrates that establishing a robust risk measurement and reporting system is critical to ERM success.

However, many companies still approach risk reporting from the wrong angle. The reader may recall the 80/20 rule from the previous chapter, where data sources, analytics, models, and reports make up the base of the ERM process pyramid, with decision making on top. It would seem logical to start from the bottom of the pyramid and work our way up. Nevertheless dashboard reporting becomes much more effective when we start from the top, and first define business and risk management decision-making needs. Who is our audience? What kind of decisions do they make? From there, we can determine the metrics, analyses, and reports needed to support those decisions (and then which ...

Get Enterprise Risk Management: From Incentives to Controls, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.