ERM Discussion 6
Additional Praise for Implementing Enterprise Risk Management
“Educators the world over seeking to make the management of risk an integral part of management degrees have had great difficulties in providing their students with a definitive ERM text for their course. The Standards and associated Handbooks helped, but until the arrival of Implementing Enterprise Risk Management: Case Stud- ies and Best Practices, there has been no text to enlighten students on the application of an effective program to manage risk across an enterprise so that objectives are maximized and threats minimized. Fraser, Simkins, and Narvaez have combined with a group of contributors that represent the cream of risk practitioners, to pro- vide the reader with a clear and concise journey through the management of risk within a wide range of organizations and industries. The knowledge, skills, and experience in the management of risk contained within the covers of this book are second to none. It will provide a much needed resource to students and practition- ers for many years to come and should become a well-used reference on the desk of every manager of risk.”
—Kevin W. Knight AM, chairman, ISO/TC 262—Risk Management
“The authors—Fraser, Simkins, and Narvaez—have done an invaluable service to advance the science of enterprise risk management by collecting an extensive num- ber of wonderful case studies that describe innovative risk management practices in a diverse set of companies around the world. This book should be an extremely valuable source of knowledge for anyone interested in the emerging and evolving field of risk management.”
—Robert S. Kaplan, senior fellow, Marvin Bower Professor of Leadership Development, emeritus, Harvard University
“Lessons learned from case studies and best practices represent an efficient way to gain practical insights on the implementation of ERM. Implementing Enterprise Risk Management provides such insights from a robust collection of ERM pro- grams across public companies and private organizations. I commend the editors and contributors for making a significant contribution to ERM by sharing their experiences.”
—James Lam, president, James Lam & Associates; director and Risk Oversight Committee chairman, E∗TRADE Financial Corporation;
author, Enterprise Risk Management—From Incentives to Controls
“For those who still think that enterprise risk management is just a fad, the varied examples of practical value-generating uses contained in this book should dispel any doubt that the discipline is here to stay! The broad collection of practices is insightful for students, academics, and executives, as well as seasoned risk man- agement professionals.”
—Carol Fox, ARM, director of Strategic and Enterprise Risk Practice, RIMS
“Managing risk across the enterprise is the new frontier of business management. Doing so effectively, in my view, will be the single most important differentiating factor for many enterprises in the twenty-first century. Implementing Enterprise Risk Management: Case Studies and Best Practices is an innovative and important addition to the literature and contains a wealth of insight in this critical area. This book’s integration of theory with hands-on, real-world lessons in managing enterprise risk provides an opportunity for its readers to gain insight and understanding that could otherwise be acquired only through many years of hard-earned experience.
www.it-ebooks.info
http://www.it-ebooks.info/
I highly recommend this book for use by executives, line managers, risk managers, and business students alike.”
—Douglas F. Prawitt, professor of Accounting at Brigham Young University, and Committee of Sponsoring Organizations (COSO)
Executive Board member
“The real beauty of and value in this book is its case study focus and the wide variety of firms profiled and writers’ perspectives shared. This will provide readers with a wealth of details and views that will help them chart an ERM journey of their own that is more likely to fit the specific and typically customized ERM needs of the firms for whom they toil.”
—Chris Mandel, senior vice president, Strategic Solutions for Sedgwick; former president of the Risk Management Society
and the 2004 Risk Manager of the Year
“Implementing Enterprise Risk Management looks at many industries through excel- lent case studies, providing a real-world base for its recommendations and an important reminder that ERM is valuable in many industries. I highly recommend this text.”
—Russell Walker, Clinical associate professor, Kellogg School of Management; author of Winning with Risk Management
“The body of knowledge in Implementing Enterprise Risk Management continues to develop as business educators and leaders confront a complex and rapidly chang- ing environment. This book provides a valuable resource for academics and prac- titioners in this dynamic area.”
—Mark L. Frigo, director, Strategic Risk Management Lab, Kellstadt Graduate School of Business, DePaul University
“The management of enterprise risk is one of the most vexatious problems con- fronting boards and executives worldwide. This is why this latest book by Fraser, Simkins, and Narvaez is a much needed and highly refreshing approach to the sub- ject. The editors have managed to assemble an impressive list of contributors who, through a series of fascinating real-life case studies, adroitly help educate readers to better understand and deal with the myriad of risks that can assault, seriously maim, and/or kill an organization. This is a ‘how to’ book written with the ‘risk management problem solver’ in mind. It provides the link that has been missing for effectively teaching ERM at the university and executive education levels and it is an exceptional achievement by true risk management advocates.”
—Dr. Chris Bart, FCPA, founder and lead faculty, The Directors College of Canada
“The Institute of Risk Management welcomes the publication of this highly practi- cal text which should be of great interest to our students and members around the world. Implementing Enterprise Risk Management brings together a fine collection of detailed case studies from organizations of varying sizes and working in differ- ent sectors, all seeking to enhance their business performance by managing their risks more effectively, from the boardroom to the shop floor. This book makes a valuable contribution to the body of knowledge of what works that will benefit the development of the risk profession.”
—Carolyn Williams, technical director, Institute of Risk Management
www.it-ebooks.info
http://www.it-ebooks.info/
IMPLEMENTING ENTERPRISE RISK MANAGEMENT
www.it-ebooks.info
http://www.it-ebooks.info/
The Robert W. Kolb Series in Finance provides a comprehensive view of the field of finance in all of its variety and complexity. The series is projected to include approximately 65 volumes covering all major topics and specializations in finance, ranging from investments, to corporate finance, to financial institutions. Each vol- ume in the Kolb Series in Finance consists of new articles especially written for the volume.
Each volume is edited by a specialist in a particular area of finance, who develops the volume outline and commissions articles by the world’s experts in that partic- ular field of finance. Each volume includes an editor’s introduction and approx- imately thirty articles to fully describe the current state of financial research and practice in a particular area of finance.
The essays in each volume are intended for practicing finance professionals, grad- uate students, and advanced undergraduate students. The goal of each volume is to encapsulate the current state of knowledge in a particular area of finance so that the reader can quickly achieve a mastery of that special area of finance.
www.it-ebooks.info
http://www.it-ebooks.info/
IMPLEMENTING ENTERPRISE RISK MANAGEMENT
Case Studies and Best Practices
Editors
John R.S. Fraser Betty J. Simkins Kristina Narvaez
The Robert W. Kolb Series in Finance
www.it-ebooks.info
http://www.it-ebooks.info/
Cover Design: Wiley Cover Image: © iStock.com/clauiad
Copyright © 2015 by John R.S. Fraser, Betty J. Simkins, Kristina Narvaev. All rights reserved.
Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.
For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Cataloging-in-Publication Data:
ISBN 978-1-118-69196-0 (Hardcover) ISBN 978-1-118-74576-2 (ePDF) ISBN 978-1-118-74618-9 (ePub)
Printed in the United States of America. 10 9 8 7 6 5 4 3 2 1
www.it-ebooks.info
http://www.copyright.com
http://www.wiley.com/go/permissions
http://booksupport.wiley.com
http://www.wiley.com
http://www.it-ebooks.info/
To Wendy, my wonderful wife and my inspiration, and to my parents who instilled in me a lifelong thirst for learning.
—John Fraser
To my husband (Russell) and our family: sons and daughters- in-law (Luke & Stephanie and Walt & Lauren), daughter and son-in-law (Susan & Jason), and our youngest daughter (April). Thank you for your love, support, and encouragement!
—Betty Simkins
I would like to thank my husband and four children for support- ing me on my journey of writing two chapters and co-editing this book. I would also like to thank the Risk and Insurance Manage- ment Society for supporting me during my educational years and providing great workshops and conferences on enterprise risk management.
—Kristina Narvaez
www.it-ebooks.info
http://www.it-ebooks.info/
www.it-ebooks.info
http://www.it-ebooks.info/
Contents
Foreword xiii
1 Enterprise Risk Management Case Studies: An Introduction and Overview 1 John R.S. Fraser, Betty J. Simkins, and Kristina Narvaez
PART I Overview and Insights for Teaching ERM 17
2 An Innovative Method to Teaching Enterprise Risk Management: A Learner-Centered Teaching Approach 19 David R. Lange and Betty J. Simkins
PART II ERM Implementation at Leading Organizations 37
3 ERM at Mars, Incorporated: ERM for Strategy and Operations 39 Larry Warner
4 Value and Risk: Enterprise Risk Management at Statoil 59 Alf Alviniussen and Håkan Jankensgård
5 ERM in Practice at the University of California Health System 75 Grace Crickette
6 Strategic Risk Management at the LEGO Group: Integrating Strategy and Risk Management 93 Mark L. Frigo and Hans Læssøe
7 Turning the Organizational Pyramid Upside Down: Ten Years of Evolution in Enterprise Risk Management at United Grain Growers 107 John Bugalla
ix
www.it-ebooks.info
http://www.it-ebooks.info/
x Contents
8 Housing Association Case Study of ERM in a Changing Marketplace 119 John Hargreaves
9 Lessons from the Academy: ERM Implementation in the University Setting 143 Anne E. Lundquist
10 Developing Accountability in Risk Management: The British Columbia Lottery Corporation Case Study 179 Jacquetta C. M. Goy
11 Starting from Scratch: The Evolution of ERM at the Workers’ Compensation Fund 207 Dan M. Hair
12 Measuring Performance at Intuit: A Value-Added Component in ERM Programs 227 Janet Nasburg
13 TD Bank’s Approach to an Enterprise Risk Management Program 241 Paul Cunha and Kristina Narvaez
PART III Linking ERM to Strategy and Strategic Risk Management 251
14 A Strategic Approach to Enterprise Risk Management at Zurich Insurance Group 253 Linda Conrad and Kristina Narvaez
15 Embedding ERM into Strategic Planning at the City of Edmonton 281 Ken Baker
16 Leveraging ERM to Practice Strategic Risk Management 305 John Bugalla and James Kallman
PART IV Specialized Aspects of Risk Management 319
17 Developing a Strategic Risk Plan for the Hope City Police Service 321 Andrew Graham
18 Blue Wood Chocolates 335 Stephen McPhie and Rick Nason
www.it-ebooks.info
http://www.it-ebooks.info/
CONTENTS xi
19 Kilgore Custom Milling 363 Rick Nason and Stephen McPhie
20 Implementing Risk Management within Middle Eastern Oil and Gas Companies 377 Alexander Larsen
21 The Role of Root Cause Analysis in Public Safety ERM Programs 397 Andrew Bent
22 JAA Inc.—A Case Study in Creating Value from Uncertainty: Best Practices in Managing Risk 427 Julian du Plessis, Arnold Schanfield, and Alpaslan Menevse
23 Control Complacency: Rogue Trading at Société Générale 461 Steve Lindo
24 The Role of VaR in Enterprise Risk Management: Calculating Value at Risk for Portfolios Held by the Vane Mallory Investment Bank 489 Allissa A. Lee and Betty J. Simkins
25 Uses of Efficient Frontier Analysis in Strategic Risk Management: A Technical Examination 501 Ward Ching and Loren Nickel
PART V Mini-Cases on ERM and Risk 523
26 Bim Consultants Inc. 525 John R.S. Fraser
27 Nerds Galore 529 Rob Quail
28 The Reluctant General Counsel 535 Norman D. Marks
29 Transforming Risk Management at Akawini Copper 539 Grant Purdy
30 Alleged Corruption at Chessfield: Corporate Governance and the Risk Oversight Role of the Board of Directors 547 Richard Leblanc
www.it-ebooks.info
http://www.it-ebooks.info/
xii Contents
31 Operational Risk Management Case Study: Bon Boulangerie 555 Diana Del Bel Belluz
PART VI Other Case Studies 559
32 Constructive Dialogue and ERM: Lessons from the Financial Crisis 561 Thomas H. Stanton
33 Challenges and Obstacles of ERM Implementation in Poland 577 Zbigniew Krysiak and Sl̄awomir Pijanowski
34 Turning Crisis into Opportunity: Building an ERM Program at General Motors 607 Marc S. Robinson, Lisa M. Smith, and Brian D. Thelen
35 ERM at Malaysia’s Media Company Astro: Quickly Implementing ERM and Using It to Assess the Risk-Adjusted Performance of a Portfolio of Acquired Foreign Companies 623 Patrick Adam K. Abdullah and Ghislain Giroux Dufort
About the Editors 649
Index 651
www.it-ebooks.info
http://www.it-ebooks.info/
Foreword
Enterprise Risk Management is an evolving discipline focused on a com-plex and still imperfectly-understood subject. In such a situation, science isadvanced best by collecting data from multiple, independent sites. A rich set of observations educates the field’s scholars and practitioners and provides the foundation for them to develop descriptive and normative theories as well as cod- ified best practices about the subject.
The authors—Fraser, Simkins, and Narvaez—have done an invaluable service to advance the science of enterprise risk management by collecting an extensive number of wonderful case studies that describe innovative risk management prac- tices in a diverse set of companies around the world. This book should be an extremely valuable source of knowledge for anyone interested in the emerging and evolving field of risk management. We should be grateful to the editors and to each chapter author for expanding the body of knowledge for risk management professionals and academics.
Robert S. Kaplan Senior Fellow, Marvin Bower Professor of Leadership Development, Emeritus
Harvard University
xiii
www.it-ebooks.info
http://www.it-ebooks.info/
www.it-ebooks.info
http://www.it-ebooks.info/
CHAPTER 1
Enterprise Risk Management Case Studies An Introduction and Overview
JOHN R.S. FRASER Senior Vice President, Internal Audit, and former Chief Risk Officer, Hydro One Networks Inc.
BETTY J. SIMKINS Williams Companies Chair of Business and Professor of Finance, Oklahoma State University
KRISTINA NARVAEZ President and Owner of ERM Strategies, LLC
Businesses, business schools, regulators, and the public are now scrambling to catch up with the emerging field of enterprise risk management.
—Robert Kaplan (quote from Foreword in Fraser and Simkins, 2010)
Most executives with MBA degrees were not taught ERM. In fact, there are only a few universities that teach ERM. So some business school graduates are strong in finance, marketing, and management theory, but they are limited in terms of critical thinking, business acumen, and risk analysis skills.
—Paul Walker1
THE EVOLUTION OF ENTERPRISE RISK MANAGEMENT Over the past two decades enterprise risk management (ERM) has evolved from concepts and visions of how risks should be addressed to a method- ology that is becoming entrenched in modern management and is now increasingly expected by those in oversight roles (e.g., governing bodies and regulators). As Felix Kloman describes in his chapter “A Brief History of Risk Man- agement,” published in Fraser and Simkins (2010), many of the concepts go back a very long time and many of the so-called newly discovered techniques can be
1
www.it-ebooks.info
http://www.it-ebooks.info/
2 Implementing Enterprise Risk Management
referenced to the earlier writings and practices described by Kloman. However, it is only from around the mid-1990s that the concept of giving a name to manag- ing risks in a holistic way across the many operating silos of an enterprise started to take hold. In the 1990s, terms such as integrated risk management and enterprise- wide risk management were also used. Many thought leaders, for example, those who created ISO 31000,2 believe that the term risk management is all that is needed to describe good risk management; however, many others believe that the latter term is often used to describe risk management at the lower levels of the organiza- tion and does not necessarily capture the concepts of enterprise-level approaches to risk. As a result, the term ERM is used throughout this book.
As ERM continues to evolve there is still much discussion and confusion over exactly what it is and how it should be achieved. It is important to realize that it is still evolving and may take many more years before it is fully codified and practiced in a consistent way. In fact, there is a grave danger now of believing that there is only one way of doing ERM. This is probably a mistake by regula- tors who have too eagerly seized some of these concepts and are trying to impose them when the methods are not fully understood, and in some cases the require- ments are unlikely to produce the desired results. As Fraser and Simkins (2010) noted in their first book on ERM: “While regulatory interest can force ERM into companies, if not done well, it can become another box-ticking exercise that adds little value.”3
The leading and most commonly agreed4 guideline to holistic risk manage- ment is ISO 31000. However, it should be mentioned that in the United States the COSO 2004 Enterprise Risk Management–Integrated Framework has been the dominant framework used to date. Many organizations are currently adopting one or the other of these frameworks and then customizing them to their own context.
WHY THE NEED FOR A BOOK WITH ERM CASE STUDIES? Following the success of the earlier Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives by Fraser and Simkins (2010), we found through our own teaching experiences, and by talking to others, that there was an urgent need for a university-level textbook of ERM case studies to help educate executives, risk practitioners, academics, and students alike about the evolving methodology. As a result, Fraser and Simkins, together with Kristina Narvaez, approached many of the leading ERM specialists to write case studies for this book.
Surveys have also shown that there is a dire need for more case studies on ERM (see Fraser, Schoening-Thiessen, and Simkins 2008). Additionally, surveys of risk executives report that business risk is increasing due to new technologies, faster rate of change, increases in regulatory risk, and more (PWC 2014). As Paul Walker of St. John’s University points out in the opening quote of the 2014 American Pro- ductivity & Quality Center (APQC) report on ERM, “Most executives with MBA degrees were not taught ERM. In fact, there are only a few universities that teach ERM. So some business school graduates are strong in finance, marketing, and
www.it-ebooks.info
http://www.it-ebooks.info/
ENTERPRISE RISK MANAGEMENT CASE STUDIES 3
management theory, but they are limited in terms of critical thinking, business acu- men, and risk analysis skills.” Learning Centered Teaching (LCT), as discussed in Chapter 2, is an ideal way to achieve this. Using LCT and the case study approach, students actively participate in the learning process through constructive reflective reasoning, critical thinking and analysis, and discussion of key issues. This is the first book to provide such a broad coverage of case studies on ERM.
The case studies that follow are from some of the leading academics and prac- titioners of enterprise risk management. While many of the cases are about real-life situations, there are also those that, while based on real-life experiences, have had names changed to maintain confidentiality or are composites of several situations. We are deeply indebted to the authors and to the organizations that agreed so kindly to share their stories to help benefit future generations of ERM practition- ers. In addition, we have added several chapters where we feel the fundamentals of these specialized techniques (e.g., VaR) deserve to be understood by ERM stu- dents and practitioners. Each case study provides opportunities for executives, risk practitioners, and students to explore what went well, what could have been done differently, and what lessons are to be learned.
Teachers of ERM will find a wealth of material to use in demonstrating ERM principles to students. These can be used for term papers or class discussions, and the approaches can be contrasted to emphasize different contexts that may require customized approaches. This book introduces the reader to a wide range of con- cepts and techniques for managing risks in a holistic way, by correctly identifying risks and prioritizing the appropriate responses. It offers a broad overview of the various types of ERM techniques, the role of the board of directors, risk tolerances, profiles, workshops, and allocation of resources, while focusing on the principles that determine business success.
Practitioners interested in implementing ERM, enhancing their knowledge on the subject, or wishing to mature their ERM program, will find this book an abso- lute must resource to have. Case studies are one of the best ways to learn more on this topic.
This book is a companion to Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives (Fraser and Simkins 2010). Together, these two books can create a curriculum of study for business students and risk practitioners who desire to have a better understanding of the world of enterprise risk management and where it is heading in the future. Boards and senior leadership teams in progressive organizations are now engaging in building ERM into their scenario-planning and decision-making processes. These forward- looking organizations are also integrating ERM into the business-planning pro- cess with resource allocation and investment decisions. At the business unit level, ERM is being used to measure the performance of risk-taking activities of employees.
As these case studies demonstrate, ERM is a continuous improvement process and takes time to evolve. As can be gleaned from these case studies, most firms that have taken the ERM journey started with a basic ERM language, risk identification, and risk-assessment process and then moved down the road to broaden their pro- grams to include risk treatments, monitoring, and reporting processes. The ulti- mate goal of ERM is to have it embedded into the risk culture of the organization and drive the decision-making process to make more sound business decisions.
www.it-ebooks.info
http://www.it-ebooks.info/
4 Implementing Enterprise Risk Management
SUMMARY OF THE BOOK CHAPTERS As mentioned earlier, the purpose of this book is to provide case studies on ERM in order to educate executives, risk practitioners, academics, and students alike about this evolving methodology. To achieve this goal, the book is organized into the following sections:
Part I: Overview and Insights for Teaching ERM Part II: ERM Implementation at Leading Organizations Part III: Linking ERM to Strategy and Strategic Risk Management Part IV: Specialized Aspects of Risk Management Part V: Mini-Cases on ERM and Risk Part VI: Other Case Studies
Brief descriptions of the contributors and the chapters are provided next.
PART I: OVERVIEW AND INSIGHTS FOR TEACHING ERM The first two chapters provide an overview of ERM and guidance on ERM educa- tion. As we have pointed out, education on ERM is crucial and more universities need to offer courses in this area. Our conversations with many ERM educators and consultants highlight how extremely challenging it is to achieve excellence in ERM education.
Chapter 2, “An Innovative Method to Teaching Enterprise Risk Manage- ment: A Learner-Centered Teaching Approach,” offers insights and suggestions on teaching ERM. This chapter covers the concept of flipping the classroom with learner-centered teaching (LCT), distinguishes it from traditional lectures, and describes how it can be used in teaching ERM. The LCT approach emphasizes active student participation and collaboration on in-class activities such as case studies versus the traditional lecture approach. This chapter provides several examples as to how LCT can be applied in teaching ERM, utilizing Fraser and Simkins’ (2010) book. David R. Lange and Betty J. Simkins, both experienced ERM educators, team together to write this chapter. David Lange, DBA, is an Auburn University Montgomery (AUM) Distinguished Research and Teaching Professor of Finance. He has received many prestigious awards for both research and teaching from the University and from several academic associations. He has taught many courses in the area of risk management and has consulted in a significant num- ber of individual and class insurance–related cases in both state and federal court. Betty Simkins, PhD, the Williams Companies Chair of Business and Professor of Finance at Oklahoma State University, is coeditor of this book.
PART II: ERM IMPLEMENTATION AT LEADING ORGANIZATIONS Part II is a collection of ERM case studies that give examples of how ERM was developed and applied in major organizations around the world. Note that there is no perfect ERM case study and the objective is for readers to assess what they believe was successful or not so successful about these ERM programs.
www.it-ebooks.info
http://www.it-ebooks.info/
ENTERPRISE RISK MANAGEMENT CASE STUDIES 5
The first case study in this book describes ERM at Mars, Inc. Larry Warner, who is the former corporate risk manager at Mars, Inc. and now is president of Warner Risk Group, describes the ERM program at the company in Chapter 3. Mars is a global food company and one of the largest privately held corporations in the United States. It has more than 72,000 associates and annual net sales in excess of $33 billion across six business segments—Petcare, Chocolate, Wrigley, Food, Drinks, and Symbioscience. Its brands include Pedigree, Royal Canin, M&M’s, Snickers, Extra, Skittles, Uncle Ben’s, and Flavia. With such complex business oper- ations, Mars recognized the importance of providing its managers with a tool to knowledgably and comfortably take risk in order to achieve its long-term goals. Mars business units use its award-winning process to test their annual operating plan and thereby increase the probability of achieving these objectives.
The case study in Chapter 4 entitled “Value and Risk: ERM in Statoil” was writ- ten by Alf Alviniussen, who is the former Group Treasurer and Senior Vice Pres- ident of Norsk Hydro ASA, Oslo, Norway, and Håkan Jankensgård who holds a PhD in risk management from Lund University, Sweden. Håkan is also a for- mer risk manager of Norsk Hydro. In this case study, the authors discuss ERM at Statoil, one of the top oil and gas companies in the world, located in Norway. In Statoil, understanding and managing risk is today considered a core value of the company, which is written into the corporate directives and widely communicated to employees. ERM is thoroughly embedded in the organization’s work processes, and its risk committee has managed the transition from a “silo”-mentality to pro- moting Statoil’s best interests in areas where risk needs to be considered.
Chapter 5, called “ERM in Practice at University of California Health Systems,” is written by their former Chief Risk Officer (CRO), Grace Crickette, who is now the Senior Vice President and Chief Risk and Compliance Officer of AAA Northern California, Nevada, and Utah. The University of California’s (UC) Health System is comprised of numerous clinical operations, including five medical centers that support the clinical teaching programs for the university’s medical and health sci- ence school and handle more than three million patient visits each year. ERM plays an important role at the UC Health System and assists the organization in assess- ing and responding to all risks (operational, clinical, business, accreditation, and regulatory) that affect the achievement of the strategic and financial objectives of the UC Health System.
The descriptive case study in Chapter 6, written by Dr. Mark Frigo from DePaul University and Hans Læssøe, the Strategic Risk Manager of the LEGO Group, provides a great example of integrating risk management in strategy devel- opment and strategy execution at the LEGO Group, which is based on an initiative started in late 2006 and led by co-author Hans Læssøe. The LEGO methodology is also part of the continuing work of the Strategic Risk Management Lab at DePaul University, which is identifying and developing leading practices in integrating risk management with strategy development and execution.
United Grain Growers (UGG), a conservative 100-year-old Winnipeg, Canada- based grain handler and distributor of farm supplies, was an ERM pioneer. Chap- ter 7 called “Turning the Organizational Pyramid Upside Down: Ten Years of Evo- lution in Enterprise Risk Management at United Grain Growers” analyzes the ERM program at United Grain Growers 15 years later. When UGG announced that it had implemented a new integrated risk-financing program in 1999, it received a great deal of attention in the financial press. CFO magazine hailed the UGG
www.it-ebooks.info
http://www.it-ebooks.info/
6 Implementing Enterprise Risk Management
program as “the deal of the decade.” The Economist characterized it as a “revo- lutionary advance in corporate finance,” and Harvard University created a UGG case study. While most outside attention focused on the direct financial benefits of implementing the program (protection of cash flow, the reduced risk-capital required, and a 20 percent increase in stock price), scant attention was given to the less tangible and therefore less measurable issues of governance, leadership, and corporate culture—the conditions that enabled such innovation. It was a combi- nation of a collaborative leadership open to new ideas, a culture of controlled risk taking, and active risk oversight by the board that produced a strategic approach to UGG’s risk management process. This chapter is written by John Bugalla, who is the principal of ermINSIGHTS.
John Hargreaves has written Chapter 8 titled “Housing Association Case Study of ERM in a Changing Marketplace.” He has a mathematics degree from Cambridge University and six years strategy consultancy experience at KPMG. This case study features four real-life charitable housing associations in England and Wales, each with a different strategy and risk environment. Simple yet prac- tical tools to assist in risk identification and prioritization are also presented. This case study has two main aims. The first is to help develop an understanding of the importance of ERM in a charitable context, showing that modern charities are often very active organizations that face significant risks. Second, the case aims to illustrate the need for a close relationship between risk assessment and strategy development, particularly in sectors where objectives are defined in social as well as economic terms. Each of the four cases has a different perspective and challenges the student or practitioner to identify and assess the risk and develop possible risk treatments for each.
Chapter 9, “Lessons from the Academy: ERM Implementation in the Univer- sity Setting,” was written by Anne E. Lundquist. She is pursuing a PhD in the Educational Leadership program at Western Michigan University with a concen- tration in Higher Education Administration. This chapter explores the unique aspects of the University of Washington’s (UW) risk environment, including how leadership, goal-setting, planning, and decision-making differ from the for-profit sector. The lack of risk management regulatory requirements, combined with cul- tural and environmental differences, helps explain why there are a limited number of fully evolved ERM programs at colleges and universities. The second half of the chapter explores the decision to adopt and implement ERM at UW, including a description of early decisions, a timeline of how the program evolved, a discus- sion of the ERM framework, and examples of some of the tools used in the risk management process. It traces the evolution of the UW program as well as demon- strates decisions that administrators made to tailor ERM to fit the decentralized culture of a university.
The case study in Chapter 10, “Developing Accountability in Risk Manage- ment: The British Columbia Lottery Corporation Case Study,” demonstrates how ERM was successfully implemented in a Canadian public sector organization over a 10-year period. Jacquetta Goy, author of this chapter, was the Senior Manager, Risk Advisory Services at British Columbia Lottery Corporation and was respon- sible for establishing and developing the ERM program. Currently, Jacquetta is the Director of Risk Management at Thompson Rivers University, Canada. This case study focuses on initiation, early development, and sustainment of the ERM
www.it-ebooks.info
http://www.it-ebooks.info/
ENTERPRISE RISK MANAGEMENT CASE STUDIES 7
program, highlighting some of the barriers and enablers that affected implemen- tation. This case study includes a focus on developing risk profiles; the role of risk managers, champions, and committees; and the development of effective risk evaluation tools. The approach to ERM has evolved from informal conversations supported by an external assessment, through a period of high-level corporate focus supported by a dedicated group of champions using voting technology to an embedded approach, where risk assessment is incorporated into both opera- tional practice and planning.
Chapter 11, “Starting from Scratch: The Evolution of ERM at the Workers Com- pensation Fund,” describes the evolution of a formal ERM program at a midsize property casualty insurance carrier. This chapter is authored by Dan Hair, the CRO of the Workers Compensation Fund. In this chapter, the motivations of executive management and the board of directors in taking existing strategic risk manage- ment discussions to a higher level are reviewed. The step-by-step actions taken by the company to develop the ERM program are explained in chronological order. External resources used are also commented upon. The chapter concludes with a discussion of striking an ongoing balance between program rigor, documentation, and business needs.
Chapter 12, “Measuring Performance at Intuit: A Value-Added Component in ERM Programs,” shows how Intuit, maker of Quicken, QuickBooks, and Turbo- Tax, is committed to creating new and easier ways for consumers and businesses to tackle life’s financial chores, giving them more time to live their lives and run their businesses. This case study shows how Intuit, a global company, is exposed to a wide range of customer-related and operational risks. Understand- ing the risk landscape enables Intuit to formulate and execute strategies to address potential pitfalls and opportunities. The author, Janet Nasburg, is Chief Risk Offi- cer at Intuit. Janet is responsible for driving Intuit’s ERM capability, ensuring that the company appropriately balances opportunities and risks to achieve optimal business results. Before Intuit, Janet spent 16 years in various finance roles at Visa, and has more than 30 years of risk management and finance experience.
Chapter 13 describes TD Bank’s ERM program and how it has been developed to reinforce the risk culture and ensure that all stakeholders have a common under- standing of how risks are addressed within the organization. This is achieved by identifying the risks to TD Bank’s business strategy and operations, determining the types of risk it is prepared to take, establishing policies and practices to gov- ern risks, and following an ERM framework to manage those risks. This chapter is co-authored by Paul Cunha and Kristina Narvaez. Paul Cunha is Vice President, Enterprise Risk Management at TD Bank. During his career at TD Bank, he has spent time in risk management, internal audit, retail banking, commercial bank- ing, and corporate and investment banking. Kristina Narvaez is the president and owner of ERM Strategies, LLC, and is co-editor of this book.
PART III: LINKING ERM TO STRATEGY AND STRATEGIC RISK MANAGEMENT Part III of this book demonstrates the link between ERM and strategy in what is now being called strategic risk management (SRM). SRM represents an important evolution in enterprise risk management, shifting from a reactive approach to a
www.it-ebooks.info
http://www.it-ebooks.info/
8 Implementing Enterprise Risk Management
proactive approach in dealing with the large spectrum of risks across the organi- zation. These case studies view their risk-taking activities in a strategic way, not only to protect the organization’s value and assets, but also to be able to capture new value that is in alignment with the strategic goals of the organization.
Zurich Insurance Group, the case study in Chapter 14, demonstrates the link between ERM and strategy. Zurich is a global insurance carrier and is exposed to a wide range of risks. Zurich recognizes that taking the right risks is a necessary part of growing and protecting shareholder value. It is careful not to miss valu- able market opportunities that could attract the best talent and investor capital, but must also balance the growth opportunities with the reality that it is operating in a complex world economy. This chapter is co-authored by Linda Conrad, Director of Strategic Business Risk Management at Zurich and Kristina Narvaez, president and owner of ERM Strategies, LLC and co-editor of this book. Linda leads a global team responsible for delivering tactical solutions to Zurich and to its customers on strategic issues such as business resilience, supply chain risk, ERM, risk culture, and total risk profiling.
Chapter 15, “Embedding ERM into Strategic Planning at the City of Edmon- ton,” is written by Ken Baker, who is their ERM Program Manager. This study examines the process used by the City of Edmonton in Alberta, Canada, to estab- lish its strategic ERM model. After examining several existing frameworks, the City decided on a framework based on the ISO 31000 risk management standard, but customized to suit the City’s needs. During the process, administration had to weigh factors common to any large organization, as well as those specific to governments in general and municipalities in particular. The chronicling of this process may assist those in similar organizations to more successfully implement their own ERM and SRM programs.
Chapter 16 describes a brief history of the evolution of enterprise risk management and describes a new and innovative approach (value mapping) to measuring the potential value by taking risks. This chapter also provides a model for incorporating the ERM process into strategic planning. John Bugalla, Principal of ermINSIGHTS and author of Chapter 7, and James Kallman, a finance professor at St. Edward’s University, co-author this chapter. John’s experience includes 30 years in the risk management profession serving as Managing Director of Marsh & McLennan, Inc., Willis Group, Plc., and Aon Corp., before founding ermINSIGHTS. James teaches courses in finance, statistics, and risk management.
PART IV: SPECIALIZED ASPECTS OF RISK MANAGEMENT Part IV of the book captures unique aspects of ERM so that the reader can learn about the many broad applications, including insights into managing specific types of risk. This part starts with a case study in Chapter 17 of the challenges of risk management within a typical police department. This case is followed by eight additional chapters addressing other intriguing aspects of risk management.
Andrew Graham reveals the complex and challenging aspects of risk manage- ment in Chapter 17, “Developing a Strategic Risk Plan for the Hope City Police Ser- vice.” This fictional case study was developed based on many years of teaching risk management to police forces. The setting is a medium-sized but growing city that
www.it-ebooks.info
http://www.it-ebooks.info/
ENTERPRISE RISK MANAGEMENT CASE STUDIES 9
is facing many issues, including changes in demographics, traffic issues, budgetary challenges, and so on. The student is required to act as a consultant who has been hired by the chief of police to assist him in briefing the Police Services Board and the mayor in understanding the most critical risks to their objective of having a best- in-class police service for their citizens. Andrew Graham researches, teaches, and writes on public-sector management, financial management, integrated risk man- agement, and governance at Queen’s University School of Policy Studies, Canada, as well as a variety of international and Canadian venues. Andrew had an exten- sive career in Canada’s criminal justice system and has taught and worked with police services and police boards and commissioners in a variety of ways for the past 10 years.
Chapter 18, “Blue Wood Chocolates,” is designed to facilitate discussion of the implementation of an ERM framework, corporate governance issues, and com- modity risk management. The situation that this fictional company faces is typi- cal of many midsize companies that have performed satisfactorily in the past but are exposed, often unknowingly, to major potential risks and do not have the internal governance and risk management structures to identify, quantify, and manage such risks adequately. In particular, this case illustrates commodity and foreign currency exposures, and challenges the student to investigate the specifics of hedging such positions. Rick Nason, PhD, CFA, and Stephen McPhie, CA, coau- thored this chapter. Rick is an associate professor of finance at Dalhousie Univer- sity, Canada, and is also a founding partner of RSD Solutions, a risk management consultancy firm. His coauthor, Stephen McPhie, CA, is a partner of RSD Solu- tions Inc. and has also held various positions in the United States, Canada, and the United Kingdom with a major Canadian bank.
Foreign exchange (FX) risk management is one of the greatest financial risks a company faces when expanding globally. Chapter 19, “Kilgore Custom Milling,” illuminates the myriad of issues that arise when hedging FX risk, such as faced by a midsize original equipment manufacturer (OEM) operating in the automobile industry. Kilgore Custom Milling (a fictional company) needs to develop a hedg- ing strategy to manage its foreign exchange risk for a new contract and decide what type of derivatives to use, what size of hedge to implement, and how the com- pany’s financial risk management fits in with its overall ERM process. Rick Nason and Stephen McPhie, coauthors of Chapter 18, team together again to explore the complex and challenging issues that many companies face with FX risk.
ERM is currently of very high interest to companies operating in the Mid- dle East, an area that presents unique challenges for implementation. Alexander Larsen captures this scenario in Chapter 20, “Implementing Risk Management within Middle Eastern Oil and Gas Companies.” This case study is based on real- life examples of Middle Eastern oil and gas companies and captures the challenges of implementing risk management in the Middle East. Alexander Larsen holds a degree in risk management from Glasgow Caledonian University and is a Fellow of the Institute of Risk Management. He has over 10 years of experience across a wide range of sectors, including oil and gas, construction, utilities, finance, and the public sector. Alexander has considerable expertise in training and working with organizations to develop, enhance, and embed their ERM.
Public safety organizations are increasingly adopting sophisticated enterprise governance and risk management techniques as a means of managing their
www.it-ebooks.info
http://www.it-ebooks.info/
10 Implementing Enterprise Risk Management
programs and expenditures. Root cause analysis can provide these agencies with detailed insights into the problems and issues they face, and provide them with the information they need to make informed decisions on risk management. Chapter 21, “The Role of Root Cause Analysis in Public Safety ERM Programs,” explores these issues by presenting six common root cause analysis techniques that are applied in a public safety or law enforcement environment. The chapter author, Andrew Bent, is a practicing risk manager with a large Canadian inte- grated energy company and was previously in charge of ERM for one of Canada’s largest municipal police services.
Chapter 22, “JAA Inc.—A Case Study in Creating Value from Uncertainty: Best Practices in Managing Risk,” provides extensive details about ERM implementa- tion in a fictional international organization and discusses topics including gover- nance structure, the processes, and the various tools used. The case is built on the principles and guidance of ISO 31000 and the implementation guidance created by The Australian and New Zealand Hand Book HB 436. This case emphasizes the roles of the heads of the internal audit function and the risk management func- tion. The three coauthors of this chapter have extensive experience in risk man- agement. Julian du Plessis, Head of Internal Audit at AVBOB Mutual Assurance Society, South Africa, has over eight years of financial sector experience. Arnold Schanfield is a Principal with Schanfield Risk Management Advisors LLC, and is an internal audit and risk professional with diversified industry expertise. Alpaslan Menevse is currently the Risk Officer at Sekerbank T.A.S., which has in excess of 310 branches in Turkey. He has 28 years of experience in information systems, both as an academic and as a practitioner.
A book on ERM case studies is not complete without some coverage of risk management failures. One of the most famous failures involving opera- tional risk is discussed in Chapter 23, “Control Complacency: Rogue Trading at Société Générale.” In January 2008, Société Générale uncovered €49 billion of unauthorized equity positions at its Paris head office, which cost €4.9 billion to unwind. Using an interactive format, this case study analyzes the origins, actors, causes, and consequences of this notorious control breakdown and derives risk management lessons from it in the areas of corporate governance, controls, com- pliance, systems, technology, and reputation risk. The author, Steve Lindo, Princi- pal, SRL Advisory Services, has many years of experience in ERM and provides a thorough and fascinating coverage of this disaster.
Value at risk (VaR) is one of the most widely used techniques to measure financial risks, particularly in the area of investment portfolios. However, it is a technique that has not been fully understood by many risk managers. In Chapter 24, “The Role of VaR in Enterprise Risk Management: Calculating Value at Risk for Portfolios Held by the Vane Mallory Investment Bank,” VaR is described along with its underlying assumptions, advantages, and disadvantages. Several exam- ples for single assets are detailed for both the dollar and percentage VaR estimation methods. The main focus of this case study is a tutorial on calculating VaR for port- folios of assets using the covariance approach utilized in portfolio theory. Allissa A. Lee coauthored this case study with Betty J. Simkins. Allissa is an assistant professor of finance in the College of Business Administration at Georgia South- ern University. She has published several academic articles and also worked in the mortgage industry for MidFirst Bank. Betty, coeditor of this book, is the
www.it-ebooks.info
http://www.it-ebooks.info/
ENTERPRISE RISK MANAGEMENT CASE STUDIES 11
Williams Companies Chair of Business and Professor of Finance at Oklahoma State University.
Chapter 25, “Uses of Efficient Frontier Analysis in Strategic Risk Manage- ment,” covers an advanced analytical technique, efficient frontier analysis (EFA), where complex property and casualty risk profiles are being considered. This chap- ter provides insights into risk portfolio volatility, pricing, and insurance layering efficiency using EFA and is applied to a risk portfolio that presents catastrophic loss potential within the context of strategic risk management. This chapter’s coau- thors are Ward Ching, who is Vice President, Risk Management Operations, at Safeway Inc., and Loren Nickel, who is Regional Director and Actuary, Actuarial and Analytics Practice, at Aon Global Risk Consulting. Both authors have extensive experience in property and casuality risk management and share their expertise in this specialized topic of ERM.
PART V: MINI-CASES ON ERM AND RISK Mini-cases are a very powerful and highly useful resource in teaching ERM and can be easily utilized in short time periods such as a one-hour class segment. This part fills this gap in the education literature on ERM and includes six fictional mini- cases that have been developed by leading risk practitioners who draw from the wealth of their experiences in various applications of risk management.
Chapter 26, “Bim Consultants Inc.,” is based on a real event in which a company was faced with an important strategic acquisition decision. All names and data have been changed for confidentially reasons. The purpose of the case is to illustrate the complexity of making strategic decisions and how greed and ego can cause a firm to change strategy that may put the business at risk. The author, John Fraser, Senior Vice President, Internal Audit, and former Chief Risk Officer of Hydro One Networks Inc., is also coeditor of this book. Fraser is currently an adjunct professor at York University, Canada, and a member of the faculty of the Directors College. He is a recognized authority on ERM and has written extensively on the topic.
Chapter 27, “Nerds Galore,” is based on a fictitious small services company that appears to be on the verge of a major downturn. The focus of the case study is human resources–related risks, and the exercise is to conduct a risk assessment to aid in making the decision on whether to proceed with a major human resources strategy. This case study could be used as the basis for an actual risk workshop sim- ulation with students role-playing various positions on the management team. Rob Quail, the author of this case study, draws on his extensive experience as Director of ERM at Hydro One Networks Inc., and provides an excellent mini-case to illu- minate ERM applications.
Can a company have a successful ERM program that does not involve a key function, such as the legal department? And if not willing to participate, how do you convince this department to commit to ERM? The reader is challenged with tackling this crucial issue in Chapter 28, “The Reluctant General Counsel.” This mini-case is about the implementation of ERM at a software company and illus- trates the challenges faced when the general counsel of the company has reser- vations and is not willing to support the implementation. The author, Norman Marks, CPA, CRMA, has been chief audit executive of major global corporations
www.it-ebooks.info
http://www.it-ebooks.info/
12 Implementing Enterprise Risk Management
for over 20 years, and is highly regarded in the global profession of internal audit- ing. Furthermore, he is a prolific blogger about internal audit, risk management, governance, and compliance.
Chapter 29, “Transforming Risk Management at Akawini Copper,” describes how the approach to managing risk can be transformed and enhanced in a com- pany. The case study is based on a hypothetical mining company, Akawini Copper, that has recently been acquired by an international concern. It draws on the practi- cal concepts of ISO 31000 to show how a weak approach to risk management can be enhanced to be more robust and comprehensive by following a logical framework and transformation plan. The author, Grant Purdy, has worked in risk manage- ment for more than 35 years, across a wide range of industries and in more than 25 countries. Grant is coauthor of the 2004 version of AS/NZS 4360 and also of AS/NZS 5050, a standard for managing disruption-related risk, and has also writ- ten many risk management handbooks and guides.
Richard Leblanc, PhD, who is a governance lawyer, certified management con- sultant, and Associate Professor of Law, Governance, and Ethics at York Univer- sity, draws on his extensive experience in board of director effectiveness when writing Chapter 30, “Alleged Corruption at Chessfield: Corporate Governance and the Risk Oversight Role of the Board of Directors.” Richard has advised regula- tors on corporate governance guidelines, and, as part of his external professional activities, has served as an external board evaluator and governance adviser for many companies, as well as in an expert witness capacity in litigation concerning corporate governance reforms. This case deals with the inner workings of a large organization’s board of directors, including allegations of alleged corruption and self-dealing, and provides the reader with a captivating application of risk man- agement shortcomings in governance and internal controls.
Diana Del Bel Belluz, president and founder of Risk Wise, Inc., draws on her experience in operational risk when writing Chapter 31, “Operational Risk Man- agement Case Study: Bon Boulangerie.” This mini-case provides the opportunity for students to discuss and present their knowledge of operational risk. It describes the challenges and opportunities faced by a fictional bakery business in a small city. The bakery’s owner has decided to expand the business for greater rewards, but in doing so is faced with a number of operational challenges. Additional infor- mation on the steps of operational risk management is available in Chapter 16 in Fraser and Simkins (2010). Diana has many years of consulting experience in ERM, and advances the practice of ERM through her thought leadership as an educator, conference organizer, speaker, and author of ERM resources.
PART VI: OTHER CASE STUDIES Many risk management lessons can be learned from the financial crisis of 2008, and we begin this part with a chapter addressing this topic: Chapter 32, “Con- structive Dialogue and ERM: Lessons from the Financial Crisis.” In this chapter, Tom Stanton eloquently examines the critical distinctive factors between success- ful and unsuccessful firms in the crisis and refers to the presence or absence of these factors as constructive dialogue. Successful firms managed to create produc- tive and constructive tension between those in the firm who wanted to do deals or offer certain financial products and services and those who were responsible for
www.it-ebooks.info
http://www.it-ebooks.info/
ENTERPRISE RISK MANAGEMENT CASE STUDIES 13
limiting risk exposures. Instead of simply deciding to do a deal or not, successful firms considered ways to hedge risks or otherwise reduce exposure from doing the deal. Thomas H. Stanton is a Fellow of the Center for Advanced Governmen- tal Studies at Johns Hopkins University, a director of the Association of Federal Enterprise Risk Management, a former director of the National Academy of Public Administration, and a former member of the federal Senior Executive Service.
An important objective in this book is to provide global coverage about ERM by including insightful applications in various countries. Poland, after the transi- tion into the free market economy in 1989, became open to knowledge and transfer of the best practices from around the world. Chapter 33, “Challenges and Obstacles of ERM Implementation in Poland,” draws on years of research, both formal and informal, and documents the country’s first approaches to ERM implementation. The successes, challenges, and weaknesses are described and provide a valuable lesson for other countries, regions, or even organizations in how they might go about implementing ERM. Two experts on ERM implementation in Poland teamed together to write this chapter. Zbigniew Krysiak, PhD, is an associate professor of finance at the Warsaw School of Economics in Poland. He is the author or coau- thor of more than 100 publications, intended both for practitioners and for the aca- demic community, concerning finance, risk management, financial engineering, and banking. His coauthor, Sl̄awomir Pijanowski, PhD, is president of the POL- RISK Risk Management Association in Poland, where he is responsible for devel- opment of good risk management practices for the Polish market. He is coauthor of the Polish book titled Risk Management for Sustainable Business published by the Polish Ministry of the Economy and has many other accomplishments in the area of risk management.
Chapter 34 entitled “Turning Crisis into Opportunity: Building an ERM Pro- gram at General Motors” was written by leaders of ERM at GM—Marc Robinson, Lisa Smith, and Brian Thelen. This case study chronicles the ground-up implemen- tation of ERM at General Motors Company (GM), starting in 2010 after it emerged from bankruptcy. While GM recognizes that its ERM is a work in progress, there have been important successes both in improving the management of risk and making better business decisions. Critical to these successes has been a clear strate- gic vision on adding value for the business leaders that are the true risk owners, unique decision tools such as game theory, and a continuous improvement mind- set, including robust lessons learned. The study describes the lessons learned dur- ing implementation and some of the unique approaches, tools, and techniques that GM has employed. Examples of senior management reporting are also included.
The last case study in the book is also extremely insightful because it provides an excellent example of an ERM application at a company in Asia. The authors demonstrate in Chapter 35 how Astro, a Malaysia-based media company, uses ERM to grow through international acquisitions, and how it implements enter- prise risk management not only to ensure sound risk management by its foreign subsidiaries and joint ventures, but also to make better risk/return decisions on its portfolio of direct investments. Both authors are authorities on ERM imple- mentation globally. Ghislain Giroux Dufort is President of Baldwin Risk Strate- gies Inc., a consulting firm advising boards of directors and management teams on risk governance and ERM and has over 25 years of experience. Patrick Adam Kanagaratnam Abdullah is the Vice President of ERM for Astro Overseas Limited
www.it-ebooks.info
http://www.it-ebooks.info/
14 Implementing Enterprise Risk Management
(AOL), Malaysia. He specializes in the implementation of ERM practices across AOL’s investments and has over 21 years of experience in various areas of risk management.
CONCLUSION As outlined above, the case studies and specialized topic chapters in this book present an impressive coverage of new information on enterprise risk manage- ment, and all chapters are written by leading ERM experts globally. To our knowledge, this is the first book to be published that provides such comprehensive coverage of ERM case studies. We hope you find this book a valuable resource in your education and/or implementation of ERM. We welcome your comments and suggestions. Answers to the end-of-chapter questions and detailed teaching notes to most cases are available to instructors at www.wiley.com.
NOTES 1. See the 2014 American Productivity & Quality Center Report. 2. ISO 31000 was issued by the International Standards Organization in 2009. For a descrip-
tion refer to Chapter 7 of Fraser/Simkins by John Shortreed. 3. Fraser/Simkins, 15. 4. ISO 31000 has been agreed to by about 25 major countries of the international community
as the guideline for risk management.
REFERENCES American Productivity & Quality Center (APQC). 2014. APQC Report. www.apqc.org/. Fraser, John, and Betty J. Simkins, eds. 2010. Enterprise Risk Management: Today’s Leading
Research and Best Practices for Tomorrow’s Executives. Hoboken, NJ: John Wiley & Sons. Fraser, John, Karen Schoening-Thiessen, and Betty J. Simkins. 2008. “Who Reads What Most
Often? A Survey of Enterprise Risk Management Literature Read by Risk Executives.” Journal of Applied Finance 18:1 (Spring/Summer).
PWC (PricewaterhouseCoopers). 2014. Risk in Review: Re-Evaluating How Your Company Addresses Risk. www.pwc.com/us/en/risk-assurance-services/publications/risk-in- review-transformation-management.jhtml.
ABOUT THE EDITORS John R.S. Fraser is the Senior Vice-President, Internal Audit, and former Chief Risk Officer of Hydro One Networks Inc., Canada, one of North America’s largest elec- tricity transmission and distribution companies. He is a Fellow of the Institute of Chartered Accountants of Ontario, a Fellow of the Association of Chartered Cer- tified Accountants (U.K.), a Certified Internal Auditor, and a Certified Informa- tion Systems Auditor. He has over 30 years of experience in the risk and control field mostly in the financial services sector, including areas such as finance, fraud, derivatives, safety, environmental, computers, and operations. He is a member of the Faculty at the Directors College for the Strategic Risk Oversight Program, and has developed and teaches a master’s degree course entitled Enterprise Risk
www.it-ebooks.info
http://www.wiley.com
http://www.apqc.org/
http://www.pwc.com/us/en/risk-assurance-services/publications/risk-in-review-transformation-management.jhtml
http://www.pwc.com/us/en/risk-assurance-services/publications/risk-in-review-transformation-management.jhtml
http://www.pwc.com/us/en/risk-assurance-services/publications/risk-in-review-transformation-management.jhtml
http://www.it-ebooks.info/
ENTERPRISE RISK MANAGEMENT CASE STUDIES 15
Management in the Masters in Financial Accountability Program at York Univer- sity where he is an adjunct professor. He is a recognized authority on enterprise risk management and has co-authored several academic papers on ERM. He is co- editor of a best-selling university textbook released in 2010, Enterprise Risk Man- agement: Today’s Leading Research and Best Practices for Tomorrow’s Executives.
Betty J. Simkins, PhD, is Williams Companies Chair of Business and Professor of Finance at Oklahoma State University. Betty received her PhD from Case Western Reserve University. She has had more than 50 publications in academic finance journals. She has won awards for her teaching, research, and outreach, including the top awards at Oklahoma States University: Regents Distinguished Research Award and Outreach Excellence Award. Her primary areas of research are risk management, energy finance, and corporate governance. Betty serves on the edi- torial boards of nine academic journals, including the Journal of Banking and Finance; is past coeditor of the Journal of Applied Finance; and is past president of the East- ern Finance Association. She also serves on the Executive Advisory Committee of the Conference Board of Canada’s Strategic Risk Council. In addition to this book, she has published two others: Energy Finance and Economics: Analysis and Valuation, Risk Management and the Future of Energy and Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives (co-edited with John Fraser). Prior to entering academia, she worked in the corporate world for Cono- coPhillips and Williams Companies. She conducts executive education courses for companies globally.
Kristina Narvaez is the president and owner of ERM Strategies, LLC (www.erm- strategies.com), which offers ERM research and training to organizations on vari- ous ERM-related topics. She graduated from the University of Utah in environmen- tal risk management and then received her MBA from Westminster College. She is a two-time Spencer Education Foundation Graduate Scholar from the Risk and Insurance Management Society and has published more than 25 articles relating to enterprise risk management and board risk governance. She has given many presentations to various risk management associations on topics of ERM. She is an adjunct professor at Brigham Young University, teaching a business strategy course for undergraduates.
www.it-ebooks.info
http://www.erm-strategies.com
http://www.erm-strategies.com
http://www.it-ebooks.info/
www.it-ebooks.info
http://www.it-ebooks.info/
PART I
Overview and Insights for Teaching ERM
www.it-ebooks.info
http://www.it-ebooks.info/
www.it-ebooks.info
http://www.it-ebooks.info/
CHAPTER 2
An Innovative Method to Teaching Enterprise Risk Management A Learner-Centered Teaching Approach
DAVID R. LANGE Distinguished Research and Teaching Professor of Finance, Auburn University Montgomery
BETTY J. SIMKINS Williams Companies Chair of Business and Professor of Finance, Oklahoma State University
Learner-centered teaching (LCT), commonly referred to as “flipping the class-room” (Shibley and Wilson 2012), is an alternative to the traditional teacherlecture (TL). With LCT, students actively participate in the pedagogical pro- cess and take increased responsibility for learning through constructive reflective reasoning. Where with TL content is covered, content in LCT is used as a “means to learning” (Weimer 2002). LCT is ideally suited for content provided in lists, tables, charts, and exhibits, and particularly so if these are in the form of topic overviews, flowcharts, or summaries. The case method espouses similar student- engaged learning processes by promoting critical thinking and analysis, creating discussion of conflicting issues and requiring a decision (Bean 2011). LCT ampli- fies and broadens student learning from cases. Hence, the case studies in this book are ideal for teaching enterprise risk management (ERM) using LCT.
The chapter is presented in three sections. The first section clarifies the concept of flipping the classroom with LCT, distinguishing LCT from a TL, and why the growing LCT movement should be joined. The second section considers the what, Weimer’s (2002) Learner Centered Teaching “Five Key Changes to Practice,” a definitive paradigm for changing pedagogy to LCT from a TL. A final section, the appendix, provides examples of how, using content to utilize LCT in an enterprise risk management (ERM) course at Auburn University Montgomery. The examples are from Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives (Fraser and Simkins 2010), which opportunely provides ERM content in the supporting formats. The LCT examples are provided in
19
www.it-ebooks.info
http://www.it-ebooks.info/
20 Implementing Enterprise Risk Management
Exhibit 2.1 TL versus LCT
Bloom (1956) Anderson and Krathwohl (2001) Expanded
� Knowledge � Comprehension � Application � Analysis � Evaluation � Synthesis
� Remember: Recognize, recall � Understand: Interpret, explain � Apply: Calculate, solve � Analyze: Distinguish, relate � Evaluate: Critique, test � Create: Hypothesize, devise
� Memorize, recollect, retain � Comprehend, realize, apprehend � Compute, estimate, determine � Examine, explore, study, associate � Assess, appraise, review, comment � Speculate, theorize, postulate, offer,
imagine, assume, suggest
contrast to TL approaches, and include learning notes expanding the how of examples.
LEARNER-CENTERED TEACHING: THE WHY Flipping the classroom refers to Bloom’s Cognitive Learning Taxonomy (1956), a commonly accepted identification of levels of learning (Anderson and Krathwohl 2001; Bean 2011; Shibley and Wilson 2012), and thus an easily identifiable model with which to distinguish LCT from TL. Exhibit 2.1 has inverted Bloom’s taxon- omy to illustrate flipping the classroom. In a TL, the teacher normally progresses through the taxonomy starting with imparting knowledge:
� Knowledge: covering content with PowerPoint presentations, lecturers, and so on
� Comprehension: offering alternative descriptions and definitions, followed by a question of “What does this mean in your own words?”
� Application: solving problems step-by-step, demonstrating necessary calcu- lations, and solving homework problems replicating calculations
� Analysis: comparing and explaining results from different problems � Evaluation: questioning validity of assumptions, processes, and textbook
sections on weaknesses in the model � Synthesis: concluding with summaries and overviews
We may recognize the TL approach from our own experience or through class- room observation of peers.
To further illustrate the levels of learning, Anderson and Krathwohl’s (2001) revision of Bloom’s taxonomy is included in the center column of Exhibit 2.1. The third column contains an expanded list of active learning for additional clarification.
Learner-Centered Teaching
In LCT, content is used as a means to learning (Weimer 2002). Envision a learning process in which students compute a financial problem, examine different points of view, review and comment on an article, or postulate explanations for survey
www.it-ebooks.info
http://www.it-ebooks.info/
AN INNOVATIVE METHOD TO TEACHING ENTERPRISE RISK MANAGEMENT 21
results. The knowledge (content) is discovered and used by the students in the learning process. Content in LCT is used as a means to learning (Weimer 2002), not presented and covered as in the context of a TL. In effect, as the examples will demonstrate, LCT enters Bloom’s Cognitive Learning Taxonomy through the higher levels of application, analysis, evaluation, and synthesis.
Why LCT?
A primary explanation for education moving toward LCT is based on learning research that supports “more active, inductive instruction” (Smart, Witt, and Scott 2012). Increased student engagement, strengthened team-based skills, personal- ized student guidance, focused classroom discussion, and faculty freedom are sev- eral benefits of the growing LCT pedagogical adoption (Millard 2012). In a review of pedagogical literature with courses adopting LCT, Wright (2011, p. 96) found college teachers believe “a more effective learning environment” was provided, and “students tended to respond positively.” A smaller study by Wohlfarth et al. (2008) acknowledged the need for further research and offered strong qualitative student support of LCT’s importance in assisting learning.
There are several other reasons why LCT should be adopted. In a paper apply- ing 29 components to benchmark the degree of LCT implementation, Blumberg and Pontiggia (2011) note the importance of LCT in their institutions’ faculty devel- opment workshops, the implications for assessments and accreditation, and poten- tial student admission promotional material. Yang (2010, p. 80) offers a globaliza- tion justification to adopt LCT, the need to “encourage students to actively partici- pate in the discussion, and the need for students to fully express their views,” even if it is counter to student cultural behavior.
Poor teaching experience with the TL is another supporting reason for LCT. The prepared TL covering knowledge, with students attempting to retain and simultaneously comprehend key points, may appear more as a sermon, speech, homily, or oration. Instructors, from their own experience or through classroom observation of peers, may relate to the “picture of somewhat lifeless students sit- ting passively in classrooms, with glazed eyes, some struggling to stay awake in dimmed classrooms as an instructor shared key concepts . . . using slides” (Smart, Witt, and Scott 2012, p. 393).
The educational goal is to engage students to become active versus passive learners by promoting critical thinking and “emphasizing inquiry” (Bean 2011, p. 38). LCT’s flipped classrooms focus on critique, assess, hypothesize, and speculate, the higher levels of Bloom’s Cognitive Learning Taxonomy. The base levels of knowl- edge and understanding may be assigned before class (Shibley and Wilson 2012).
FIVE KEY CHANGES TO PRACTICE THE WHAT Weimer’s Learner Centered Teaching (2002) “Five Key Changes to Practice” is a definitive paradigm for changing pedagogy to LCT. This section describes each of these “Five Key Changes to Practice,” which are:
1. The Balance of Power 2. The Function of Content
www.it-ebooks.info
http://www.it-ebooks.info/
22 Implementing Enterprise Risk Management
3. The Role of the Teacher 4. The Responsibility for Learning 5. Evaluation Purpose and Process
Consideration of the five steps with each of the LCT ERM examples paradoxi- cally resembles the TL approach. Therefore, instructors are encouraged to appraise their current pedagogy and associate the respective LCT changes to practice with their course. To assist your movement to LCT, Weimer’s (2002) Part Two, “Imple- menting the Learner-Centered Approach,” includes discussions of responding to resistance from students and faculty, taking a developmental approach in convert- ing students from passive to active learners, and making LCT work based on prin- ciples of successful instructional improvement. Appendixes in Weimer (2002) offer suggestions for the syllabus and learning log (Appendix A), handouts for devel- oping learning skills (B), and a recommended reading list (C). Blumberg (2009) provides an extensive step-by-step guide to adopting LCT.
The Balance of Power
The LCT classroom is more democratic than the TL, where sequencing, con- tent, and information flow are one-way: professor to student. With LCT, stu- dents actively participate in the learning process and are likely to alter its direc- tion by connecting to prior tangential or experiential knowledge. Generally, the teacher retains the responsibility for selecting the course content, learning goals, and itinerary, though even these may include student input. Regardless, with LCT, the learning path taken, the direction of course discussion, and practical exam- ples are at the very least influenced, and more likely chosen, by the student; thus “power is shared” (Weimer 2002).
LCT often includes case studies, small group discussions or assignments, and/or designating a student to be a group discussion leader on a rotating basis. Power sharing is not easy for teachers accustomed to a TL approach. But LCT power sharing has several benefits. Students are more active, engaged, interested, and motivated, and less passive and disconnected (Weimer 2002, p. 31). It is easier for a student to hide in a class of 30, 50, or 100 than in a group of five students. It should be noted that the student discussion leader is equally asked to “share the power,” and there are potential “tough spots for running a risk management workshop”—nonparticipation and dominators (Fraser and Simkins 2010, p. 169).
The Function of Content
With LCT, content is used in the learning process, not covered in the context of the TL. This does not infer that the content, base knowledge, is not covered. It sim- ply means that students do not first memorize the base knowledge for later recall. Instead, students constructively examine, explore, review, and assess content. It is extremely interesting to see students strongly arguing for the most important step in an ERM process even when there may not actually be a hierarchy. Creating and defending an argument for the most important step, what risk stands out, or what is the most challenging step requires a cognitive reasoning process and a subtle incorporation of base knowledge and linkage to previously learned material—the
www.it-ebooks.info
http://www.it-ebooks.info/
AN INNOVATIVE METHOD TO TEACHING ENTERPRISE RISK MANAGEMENT 23
LCT version of content coverage. With LCT, the content learning process “develops learning skills” and “promotes self-awareness of learning,” and students “experi- ence it firsthand” (Weimer 2002, p. 51–52).
The amount of content covered is a possible concern for those more inclined toward a TL. However, contrary to expectations, experience suggests that more content is covered, not less, as students explore and assess content versus memorization.
As shown in the Appendix, Example #10, Chapter 18: “Managing Financial Risk,” is a good illustration of more coverage. The TL approach gives an example of the trade-offs, costs, and benefits of hedging with futures contracts, often start- ing with a simple natural hedge. Here, the student records the respective payoffs to long and short positions when prices change. Students memorize the transactions and expect to replicate the steps with different numbers, and maybe even a dif- ferent futures contract for a challenging TL course. With LCT, students first view a short video about futures markets (www.cmegroup.com/), and then review the listing of available futures contracts, selected quotes, and specifications. LCT sce- narios in which futures contracts could be applied quite often begin with weather futures, as students’ curiosity is awakened when they imagine rain, snow, and tor- nadoes, not the TL farmer and cereal producer with corn futures. With LCT, stu- dents first suggest, appraise, and associate scenarios with futures contracts, and then calculate payoffs given the contract specifications. As noted previously, the LCT teacher needs to be prepared to assist with any futures calculation.
A second example in the Appendix of expanded content is Example #13, Chapter 23: “Academic Research on Enterprise Risk Management.” In a TL course, students would memorize the articles and the findings of each, with the goal of restating the findings on an exam. With LCT, critiquing, appraising, and theorizing often lead to discussions of hypotheses. For example, why is there an expected rela- tionship between ERM and “organizational slack” or “asset opacity” (Fraser and Simkins 2010, p. 426)? This level of hypothetical discussion is considerably beyond “Who found what?”
The Role of the Teacher
Perhaps the most difficult change in moving to LCT for a teacher accustomed to the TL is that lectures are replaced with individual student learning, small group discussions, or other group activities. The teacher’s role is that of a moderator, tour guide, and/or facilitator of learning. This role is a necessary part of LCT, not an option; the teacher “must move aside, often and regularly” (Weimer 2002, p. 74).
Serving as guide extends to after groups (or individuals) report their sugges- tions, hypotheses, comments, explorations, or computations. It is very tempting to return to the TL, the “sage on the stage,” with corrections, conclusions, or examples. A moderator or facilitator would ask: Was your group in agreement? What issues did you differ on? What do you believe is the lesson here, the point to be learned? Does anyone else have a different solution or computation?
Granted, the teacher’s workload may be more, not less. We often prepare, or receive with the textbook, a series of very structured lecture slides, “talking PowerPoints,” demonstrating what and how much we know about the topic. Our thorough, insightful, wise lecture is interrupted only by the proverbial
www.it-ebooks.info
http://www.cmegroup.com/
http://www.it-ebooks.info/
24 Implementing Enterprise Risk Management
unanswered inquiries of: Does anyone have any questions? Is this clear? Do you understand?
It is quite another task to be able to guide constructive explorative reasoning and learning. It is not that LCT is without structure; it is that the LCT learning struc- ture is flexible, fluctuating, adjustable, and often unpredictable. Weimer (2002, pp. 83–91) offers the following seven principles:
1. Teachers do learning tasks less. 2. Teachers do less telling; students do more discovering. 3. Teachers do more design work. 4. Faculty do more modeling. 5. Faculty do more to get students learning from and with each other. 6. Faculty work to create climates for learning. 7. Faculty do more with feedback.
The “Useful Facilitation Tips” for running a risk management workshop (Fraser and Simkins 2010, p. 169) may serve a dual purpose as student content and LCT advice:
� Inquire. Ask open-ended questions, such as “Why?” Ask participants to speak not just on behalf of themselves but about what they think others might be thinking. Ask for the contrary view: “What are some of the argu- ments against this?” Ask for evidence: “How do you know?”
� Restate. Summarize or paraphrase what you have just heard. Summarize the key points and then ask someone to add to them or comment on them or contradict them.
� Provoke. State extreme views that you might have heard or imagined on the subject under discussion. Encourage healthy debate.