|
 |
|||||||
|
|
|
|
|||||||||||||||||
|
|||||||||||||||||||
|
|
|||
|
Reader
Profile
Editor's note: Each month, we ask a Directors & Boards reader to comment on critical issues facing directors today. If you'd like to participate in this section in the future, please email Scott Chase. What can senior management and boards do to drive innovation by leveraging risk management practices? It is important to keep in mind that each identified risk creates opportunity. A company’s ability to effectively analyze and manage risks will provide it an enormous competitive advantage over those less adept. Such adeptness will allow companies to identify and profit from opportunities that others either never considered or thought possible. The key to capitalizing on these opportunities is to create a culture that encourages prudent risk taking. Striking the right balance between prudence and recklessness can be challenging but is not impossible. Companies want employees to push the envelope but, to mix a metaphor, also want to ensure there is a safety net in place to guard against the envelop bursting. This requires that risk is objectively analyzed and discussed but that the risk analysis does not bog down into a discussion of why not move forward – rather it must include a full understanding and exploration of the benefits of why to move forward. In other words, the discussion of risk must be about identifying and overcoming obstacles, rather than just throwing up obstacles. This, more positive, approach to risk analysis encourages discussions of risks because it is no longer just the means to say no. What should boards do to help ensure their companies are effectively identifying and managing risk? Risks are not static. Boards should continually raise questions about business risks and otherwise force regular discussion of risks across the organization. The organizational hierarchy of companies can lead to compartmentalized thinking about risks. From its broader perspective, the board can help drive a more coordinated and effective approach to risk analysis. This means insisting that senior management explain the process they have in place for identifying, prioritizing and managing the significant risks facing the company as a whole. This also means that boards insist on regular discussions of the high-priority risk areas so that they can develop an independent understanding of these risks, their potential impact on the operations, and the adequacy of the company’s response. What is the General Counsel’s role in risk management and how does the board of directors interact with the General Counsel when it comes to managing risk? The General Counsel’s most obvious role in the risk management process is in identifying and addressing legal risks. However, in this increasingly complex global business environment, legal risks are not isolated but rather ubiquitous. As a result, General Counsels, with the support of their boards, need to be intimately involved in driving enterprise risk management efforts. The changing nature of the General Counsel’s role illustrates that this is indeed happening – as General Counsel’s are now, more than ever, much more involved in overall business strategy. What are some of the biggest risks organizations face in an increasingly interconnected world (social networking, blogging, wikis, video –sharing, mobile networks, etc.)? The technology that has allowed for this increased interconnectedness has had, and will continue to have a profound impact on the pace and nature of business. Transactions that would have taken days to complete are now completed almost instantaneously. Business partners and coworkers can interact seamlessly despite large geographic gulfs between them. These benefits do not come without risks. However, the risks are less new risks than they are a heightening of previously-existing risks. For example, there was always the risk that a company employee would enter into a terrible transaction without the appropriate vetting, that confidential information would be shared outside the company, or that inappropriate communications will occur. These aren’t new risks that result from new technologies, but as a result our increased interconnectedness, these risks are now much more prevalent. It is obviously important that companies not ignore the heightened risk; however, because of the enormous business benefits associated with this increased interconnectedness, it is also important not to overreact to these risks. These technologies are not going away and businesses that fail to adopt them will be in a competitive disadvantage. Prudent companies need to ensure that their controls keep up with the changes. This means taking the time to understand new and upcoming technologies, their business uses and their impact on risk. With this understanding, companies can adapt their risk control mechanisms to addresses the heightened risks Do you think boards are doing enough to respond and prepare for business risks prevalent today? My sense is that there is probably more discussion of business risks at the board level than ever before, which is a very good sign. However, it can be a challenging topic to get your arms around and it is easy to get bogged down in questions of methodology (e.g., should we adopt COSO’s Integrated Framework for Enterprise Risk Management or some other model?), rather than the substance. The most important thing a board can do is to ensure that a company actually has a coordinated company-wide approach to identifying, prioritizing and managing business risk. While the approach may take many forms, the board’s focus should be more on making risk management a priority for the company and asking the tough questions that will give it the comfort the process is effective. As importantly accountability for risk management must reside with senior business managers, not merely within a risk management function.
|
|
||
Chris Leahy is senior vice president, general counsel, corporate secretary and executive committee member of CDW, a leading provider of technology products and services for business, government, and education. Leahy is responsible for CDW’s legal, corporate governance and compliance functions. She is also a founder and current sponsor of the Women-to-Women Network at CDW which focuses on leadership and development. In 2002, Leahy joined the CDW team as the company's first in-house counsel and as a member of the company’s executive committee. Prior to joining the company, Leahy served as a corporate partner in the Chicago office of Sidley Austin LLP, where she specialized in corporate governance, securities law, mergers and acquisitions and strategic counseling. Leahy earned her undergraduate degree from Brown University and J.D. from Boston College Law School. She also completed the CEO Perspective and Women’s Director Development programs at Northwestern University’s Kellogg School of Management. Leahy is a member of the American, Chicago and Washington, D.C. Bar Associations. Copyright © 2008 Directors & Boards, P.O. Box 41966 Philadelphia, PA 19101-1966. All rights reserved. Contact the webmaster. < Privacy Notice > |
||||
