ERM in the Energy Industry

A recent study by the Center for Excellence in ERM at St. John's University shows the state of ERM in one industry—energy. The study highlights the top risks in the industry and the ERM practices.

The good news:
- 73% have a formal ERM initiative or process, and
- 88% have risk maps.

The not-so-good news:
- 48% have been surprised by a risk event
- 38% have no clear risk accountability
- 56% do not know when to do a deep dive
- 52% do not look at the upside or opportunities
- 49% do not look at risks in an integrated approach
- 38% do not timely take risk information to the board.

How to Incorporate ERM into Innovation

The recent report on innovation and risk shows that ERM executives believe ERM is a missing piece of the innovation process. Some of the keys are:

  • Incorporating ERM into the innovation process
  • Requiring risk acumen
  • Risk-adjusting the analysis, and 
  • Doing risk post-mortems.

These keys are designed to counter the risk of bias by various members, force the risk conversation at every stage (rather than after the new innovation is launched), identify and understand all risks with the innovation (not just the financial related risk), get consistent performance, and change the thinking from a certain number to the real value associated with the innovation. One CFO even argued that financial numbers are the last thing to consider. 

The real success? "If you know the real risks, you can innovate more," according to one Fortune 50 company executive.

 

 

Insights on Risk in a Disruptive Age

The Center for Excellence in ERM at St. John's University and the ACCA co-hosted an Oct 13th event on risk and disruption.

St. John's alumni Henry Ristuccia (Global leader of Deloitte’s Governance, Risk Management and Compliance practice as well as a financial services industry senior client service partner) delivered the keynote and was joined on a panel by Lee Marks (SVP of ERM at First Data) and Michael Lynn (Vice Chair of the IIA's Global IT Guidance Committee).

The Original COSO ERM Background

Around the year 2000, we were asked by COSO to determine if they should write an ERM framework. Students, educators, and others with ERM curiosity might find our original report of some interest. Our answer was, "Yes. Write an ERM framework."

Back then we thought an ERM framework should address:

  • Risk identification and establishing a risk language
  • Measurement and prioritization of risks
  • Business risk solutions, and
  • Risk infrastructure.

Despite the fact that a lot has changed in the world, this framework is still a good starting point.

 

 

How to Flip Risk into Potential New Revenue: One Lesson from Grad Students in Silicon Alley.

1. Know the business model.
Really know the business model. Spend time discussing, evaluating, and applying strategic risk tools to understand and score the business model. One key strategic risk is the health of the business model.

2. Write the business epitaph.
Ponder the death risk combination of trends and disruption that could take out or severely impact the business in the future.

3. Using the insights from #1 and #2, confront the upside risk and opportunity. 
Learn how to generate new revenue opportunities using new business models (a strategic risk tool). Map the ideas to help see feasibility or identify early wins. 

Students at St. John's mapped out their approach to a Fortune 100 company.

Students at St. John's mapped out their approach to a Fortune 100 company.

APPLICATION:
Graduate Enterprise Risk Management (ERM) students at St. John's University Tobin College of Business applied the approach above to a Fortune 100 company. The students also mapped the ideas (see left). As the photo shows, these millennials thought there was tremendous upside opportunity—untapped revenue. 

 

 




This exercise was part of a class assignment. St. John's University is one of a few schools that offer both an MS ERM and a MBA in ERM. Sitting in what some call Silicon Alley, St. John's shares the same building with IBM's Watson.

Three Big Ideas About the Innovation and ERM Link

Innovation and disruption are coming to many organizations. For some, it is already upon them. For others, it is moving so quickly that leaders either do not see it or they misunderstand it. New research by the Center for Excellence in ERM at St John's University highlights three big ideas.

#1 — Companies must learn to see the waves of disruption coming at them.
Interpreting what is noise versus a signal is critical. The sooner the better. It is critical to link the detected signal to the current business model, risks, and strategic plans. As others have noted, continuing to believe the same things over and over can have serious negative consequences. Challenge the traditional thinking at your organization. 

#2 — Organizations need to create their own innovation waves to keep up or disrupt others.
Innovation is a response to strategic risk. If the innovation person/team is not talking to the team that is watching for the waves of disruption coming, then a serious disconnect exists.

#3 — Organizations must identify the risk in new innovations.
If you know the real risks and the related dimensions, the chances of success increase and more innovation can be done. Not understanding the related risks seems foolish in today's environment. 

 

 

 

Next