A short list of questions that every board member and senior manager should be able to answer.
Brett Friedman and Tim Essaye are consultants at Risk Capital, a risk management consultancy based in New York.
“We pursue a disciplined approach to risk management" says the CEO of a major utility during the company's earnings call with analysts and investors. In this era of increased scrutiny over corporate governance, how can senior management and the board be certain that this statement is accurate, and where does the discipline begin?
Senior managers and board members cannot be expected to know every detail of risk management, but by asking a handful of questions, they should gain a comfortable understanding of the firm's risk-management strategy and control structure.
Asking the following questions of the risk management staff sends a clear signal to the organization that risk management discipline is not something to be delegated to the "financial guys," but is a high-level priority.
1. How do we decide how much risk is the right amount of risk?
Defining the appropriate risk tolerance for a utility is a difficult business. Different stakeholders have different tolerance for risk. For example, debt holders want less risk than equity holders. Risk tolerance is also a function of profitability: We are willing to take more risk when we are very profitable.