How Boards Can Effectively Oversee Enterprise Risk Management

Inside America's Boardrooms
Overseeing risk is one of the board's foundational duties. However, experts question whether this duty has gotten so complex, particularly with the introduction of cyber risk, that it's nearly impossible for boards to wrap their arms around the task of overseeing enterprise risk management (ERM).

"There's no way that a board can feel comfortable with a company's strategy without having a serious dialogue about risk."

In this episode, Herbalife board member Michael Montelongo outlines a risk oversight roadmap for corporate boards. Acknowledging that every company has a different risk profile, Montelongo explains how an effective ERM process operates as both an internal safeguard and a shareholder engagement tool. An ERM framework (like the one from COSO) is not only a great starting point for board discussion, but it reassures investors that the company's risk taking is being systematically analyzed and rigorously managed.

What Board Committee (if Any) Should Own Enterprise Risk Management?

While the audit committee is functionally equipped to assess risk, Montelongo warns of the dangers of siloing enterprise risk management, a responsibility that the whole board should be managing. Kerstetter and Montelongo outline key considerations regarding the delegation of ERM. Ultimately, the company's risk profile must determine how that responsibility should be assigned, whether as its own committee, within an existing committee, or as a function of the whole board.

How Can Boards Begin to Lay the Framework for an ERM Program?

According to Montelongo, directors must begin by engaging with management on the current ERM process. He outlines several questions, including:

  • Does the company have a risk management vision, along with goals and objectives?
  • Is there a gap analysis that's being performed between current and desired risk management capabilities?
  • Is there an ongoing and structured process to update a company's risk profile / appetite / tolerances as new changes enter the marketplace?
  • How effectively are these changes communicated to internal and external stakeholders?