How to develop a Corporate Governance process
January 2008 and written by Geoff Rodrigues, CA, ORMP of Horwath Orenstein - Many companies understand that having a robust corporate governance process will make it easier for them to identify operational risks and anticipate barriers to reaching organizational goals. They are less sure, however, of how to develop such a process. Here are some recommendations to keep in mind:
Establish a conceptual framework
The best starting point for a comprehensive corporate governance process involves developing a conceptual framework that will identify the full range of risks within the organization. If a company has an immediate issue in a specific area – such as Human Resources – it can address it immediately. But before devoting too many resources – people, capital or technology – to any particular area, the company should develop an overview that highlights the most significant risks and allocates resources accordingly. This process, which requires a team effort, will provide the added benefit of rallying the workforce around a common goal.
Communicate throughout the organization using consistent terminology
It is important to facilitate communication horizontally across functions, divisions and business units, as well as vertically among management levels. When communication is ineffective and roles are unclear, the risk management framework is either not sustainable or is inefficient. A sample inefficiency as a result of lack of communication is duplication of tasks and efforts. Also to ensure appropriate Disclosure Controls and Procedures are being followed, a common language is important for communicating consistently to both internal and external audiences to ensure the same message is delivered, thereby preventing misinterpretation of information.
Adopt a process view
It’s important to avoid thinking in narrow, departmental or functional silos. Let’s take Customer Relations Management as an example. Employees involved in back-office functions like production or billing may not see how their work touches the customer and may ignore monitoring. In other departments, there may be overzealous monitoring, with excessive customer surveying. It’s important to appoint an overall process owner to accept responsibility for managing risks of a given process and to create a balanced monitoring effort.
Balance control with empowerment
Regardless of the framework developed, managers and employees must believe they can contribute to managing risk rather than merely feeling inhibited by additional rules and structures. Therefore, in order to have buy-in from all the ranks, appoint managers and employees with responsibilities and empower them to make decisions. There must also be a clear understanding though that with responsibility comes accountability.
Move to Operational Risk Management
Operational Risk Management (ORM) is a key strategy for improving the quality and relevance of information reaching executive decision-makers, thereby leading to improved corporate governance and company performance. In addition, a more integrated approach to risk management will allow companies to anticipate unexpected events early, deploy resources to address the most critical risks and manage those risks effectively. While Enterprise Risk Management (ERM) deals with setting the organizational strategies and practices to be followed, ORM systematizes them and puts risk on everyone’s’ desk. ORM deals with the activities and measures in place for every employee to ensure that corporate objectives are being achieved. This is achieved by aligning the people, processes, and systems towards a common goal and taking a holistic view of the organization. It deals with linking the activities of personnel to the strategies set by senior management.
January 2008 and written by Geoff Rodrigues, CA, ORMP of Horwath Orenstein - Many companies understand that having a robust corporate governance process will make it easier for them to identify operational risks and anticipate barriers to reaching organizational goals. They are less sure, however, of how to develop such a process. Here are some recommendations to keep in mind:
Establish a conceptual framework
The best starting point for a comprehensive corporate governance process involves developing a conceptual framework that will identify the full range of risks within the organization. If a company has an immediate issue in a specific area – such as Human Resources – it can address it immediately. But before devoting too many resources – people, capital or technology – to any particular area, the company should develop an overview that highlights the most significant risks and allocates resources accordingly. This process, which requires a team effort, will provide the added benefit of rallying the workforce around a common goal.
Communicate throughout the organization using consistent terminology
It is important to facilitate communication horizontally across functions, divisions and business units, as well as vertically among management levels. When communication is ineffective and roles are unclear, the risk management framework is either not sustainable or is inefficient. A sample inefficiency as a result of lack of communication is duplication of tasks and efforts. Also to ensure appropriate Disclosure Controls and Procedures are being followed, a common language is important for communicating consistently to both internal and external audiences to ensure the same message is delivered, thereby preventing misinterpretation of information.
Adopt a process view
It’s important to avoid thinking in narrow, departmental or functional silos. Let’s take Customer Relations Management as an example. Employees involved in back-office functions like production or billing may not see how their work touches the customer and may ignore monitoring. In other departments, there may be overzealous monitoring, with excessive customer surveying. It’s important to appoint an overall process owner to accept responsibility for managing risks of a given process and to create a balanced monitoring effort.
Balance control with empowerment
Regardless of the framework developed, managers and employees must believe they can contribute to managing risk rather than merely feeling inhibited by additional rules and structures. Therefore, in order to have buy-in from all the ranks, appoint managers and employees with responsibilities and empower them to make decisions. There must also be a clear understanding though that with responsibility comes accountability.
Move to Operational Risk Management
Operational Risk Management (ORM) is a key strategy for improving the quality and relevance of information reaching executive decision-makers, thereby leading to improved corporate governance and company performance. In addition, a more integrated approach to risk management will allow companies to anticipate unexpected events early, deploy resources to address the most critical risks and manage those risks effectively. While Enterprise Risk Management (ERM) deals with setting the organizational strategies and practices to be followed, ORM systematizes them and puts risk on everyone’s’ desk. ORM deals with the activities and measures in place for every employee to ensure that corporate objectives are being achieved. This is achieved by aligning the people, processes, and systems towards a common goal and taking a holistic view of the organization. It deals with linking the activities of personnel to the strategies set by senior management.
Labels: GRC
posted by 180 Systems at 1:40 PM 
0 Comments:
Post a Comment
<< Home