Independent Consultant, Norway
Researcher, Department of Business Administration and Knut Wicksell Centre for Financial Studies, Lund University, Sweden
The enterprise risk management (ERM) approach to managing a company's risks promises many benefits. A reading of the literature on the subject will tell you that ERM, among other things, will reduce the frequency of surprises, lead to better allocation of resources, improve risk response decisions, and reduce costly duplication of risk management activities (e.g., COSO 2004).
Many companies are finding out that these benefits don't always materialize easily. It turns out that implementing a holistic, enterprise-wide approach to risk management often challenges the organizational status quo. Powerful individuals and business units face a potential loss of autonomy and are asked to comply with new reporting requirements. “The way we've always done things around here” is no longer good enough, it may seem.
In companies where change is resisted, ERM is at risk of becoming an island, an isolated process whose outputs and opinions are largely ignored by decision makers. These so-called ghost ERM programs contribute little or nothing at all to enterprise value. In this chapter we use the experience of Statoil, a Norwegian oil and gas producer, for lessons about how to overcome these organizational challenges and make the potential benefits ...