particularly in the U.S., the vast majority of corporations have made very little information about their overall risk profiles available to stakeholders. Companies in many other industrialized countries, like Canada, the U.K. and Australia, are much more forthcoming about their risk and ERM activities.
The situation's poised to change as rating companies start to factor in a company's ability to manage ERM. Stakeholders will start to gain a plethora of new risk-related data and information available to them. This story of risk management is likely to expand greatly over the next decade.
ERM: A Constantly Changing Management Discipline
Of course, companies have been managing risk for years. Historically, they've done this by buying insurance. More recently, companies have managed risk through the capital markets with "derivative instruments" that help them manage the ups and downs of moment-to-moment movements in currencies, interest rates, commodity prices and equities. From a mathematical point of view, all of these risks or "exposures" have been reasonably easy to measure, with resulting profits and losses going straight to the bottom line.
Where ERM comes in is where companies manage the risks that defy easy measurements or a framework for management. These include crucial risks such as reputation, day-to-day operational procedure, supply chain, legal and human resources management, financial and other controls related to the Sarbanes-Oxley Act of 2002 (SOX), and overall governance. All of these and other exposures fall under the ERM umbrella.
Back to the Upside
The "upside" that we discussed earlier also includes focusing on preventive measures that help a company avoid potential disasters down the road. For example, some of these actions may include determining when and how the physical assets they own need to be maintained and replaced. This way, the company can avoid unexpected and costly plant and equipment failure that might result in shutdowns, explosions or other events that put a company's employees, communities and reputations at risk.
Understanding that their most important and valuable asset is their reputation, some companies work proactively to protect the company when dealing with man-made or natural disasters. In one of the most storied reputation risk management stories in recent history, Tylenol found itself in need of a burnished reputation in the face of product tampering. It reacted by being honest with the media and quickly and aggressively removing and replacing its products at retail outlets. From 2006 to 2008, the recent push for companies is to prove they are "going green", hoping that aggressive environmental risk management will position their products, plants, supply chain and other operations positively with current and future customers. (Read more about this in For Companies, Green Is The New Black and The Green Marketing Machine.)
How to Find ERM-Friendly Companies
It is a difficult task for investors to discover which companies are working to manage risk from an enterprise-wide perspective - and an even more difficult job discovering who is doing so effectively. Many board members don't understand ERM, believing it to be simply another potentially costly, hard-to-measure regulatory fiat from Washington. Many others believe that effective ERM can be achieved simply by expanding their SOX-related reporting and controls efforts, which is not the case.
Because it's a new management discipline, what constitutes "best practices" in ERM has yet to be defined; currently it's being defined industry by industry, but few if any companies promote themselves as being "best of the best" in ERM or risk management.
So, how do you know who's working hard at effective ERM? A growing number of companies, particularly outside the U.S., devote a significant portion of their annual reports discussing risk management, regardless of whether they specifically call it ERM. Generally, investors interested in discovering who's doing a comprehensive job at risk management - and reporting it publicly in their annuals - need to look abroad. Just north of the border, Canadian-based companies discuss risk extensively in their annuals and they are a good place to start looking into this area further.
Read more: http://www.investopedia.com/articles/fundamental-analysis/08/enterprise-risk-ma nagement.asp#ixzz1W4weEd6v