Public Utilities Reports

PUR Guide 2012 Fully Updated Version

Available NOW!
PUR Guide

This comprehensive self-study certification course is designed to teach the novice or pro everything they need to understand and succeed in every phase of the public utilities business.

Order Now

Beyond Sarbanes-Oxley

Energy Trading & Risk Management: How to evaluate risk and improve decision-making capabilities.

Fortnightly Magazine - October 2005

would benefit from a dialogue around how capable they want the entity's risk management to be with respect to each of its priority risks. The capability maturity model provides a scale for evaluating the maturity of an organization's risk-management capabilities. The model provides five states for rating the maturity or capability of any process ranging from "initial" to "optimizing."

The capability maturity model is a powerful tool for evaluating sustainability. Using this model, management rates the enterprise's capabilities in key risk areas, identifies gaps based on the level of capability desired in specific areas, and shifts the dialogue on operating metrics to incorporate appropriate emphasis on process maturity. The ERM infrastructure ensures that the rating process is fact-based and conducted with integrity by the participating risk owners.

The model provides a valuable framework for facilitating substantive dialogue among directors, management and others regarding the capability of the organization's processes as compared with the critical risk areas identified in their risk assessments. Armed with this tool, boards and management are able to satisfy themselves that risk management improvements are directed to the areas of greatest concern and exposure. The focus is then directed to implementing those improvements according to management's plan over time. Again, the ERM infrastructure provides oversight to ensure that improvements are on schedule.

Improving Risk Management Capabilities

Companies evolving toward ERM should keep in mind that it is a journey, not a destination. ERM can potentially represent a sea change in organizational attitude and behavior. As with any significant change, the adoption of ERM is fundamentally a process of building awareness, developing buy-in and ultimately driving the acceptance of ownership throughout the organization. Change enablement is, therefore, a significant aspect of an ERM initiative because everyone's perspective about risk varies.

To help ensure success, keep the following in mind when implementing ERM:

  • Develop a compelling business case linking the ERM agenda to real priority business needs, garner support from the top, and manage progress against milestones over time.
  • Obtain agreement on risk management objectives and the necessary ERM infrastructure, consider relevant cultural issues, and focus on enterprise-wide application. n Implement an effective enterprise-wide risk assessment process early.
  • Clarify process ownership issues: Who decides, who designs, who builds, and who monitors?
  • Integrate risk management with the business planning process.
  • Don't forget the true purpose of ERM infrastructure-be sure to define the future goal state of the capabilities around managing the critical risks and contrast it with the current state.
  • Use the COSO ERM components as a framework against which to benchmark ERM requirements.

Properly implemented, ERM can help organizations pursue strategic growth opportunities with greater speed, skill, and confidence. Opportunity-seeking behavior is invigorated if managers have the confidence that: (1) they understand the risks they are taking on; and (2) the organization's risk taking is aligned with its core competencies and risk appetite. Markets will differentiate competing organizations by the quality and extent-real or perceived-of their risk-management capabilities.