Reengineering ERM

As you may be aware we are advocates of reengineering under-performing Enterprise Risk Management (ERM) programs. Our recent white paper on this theme encourages executive management to take a very tough stance of reassessing their enterprise-wide ERM program initiatives. Most of these program investments are "pet alligators" as they're eating their masters alive with huge outlays of time and money without any real strategic value being generated. We are now on the hunt to dig up any quantitative or annecdotal evidence of these situations. If you would like to help us to collect annecdotal evidence, where we protect the real people and firms involved, we'd appreciate you contacting us.

Two resources that we'd like to pass along to you are both from our favorite leader in this space... Ali Samad-Khan of Stamford Risk Analytics found on the web at His papers on ERM (Paper; "Why COSO is Flawed") and "modern risk assessment" practices (Paper; "A New Approach for Managing Operational Risk") are awesome even though they have both been written a number of years ago. They can be downloaded for free at their site:

The goal for any COSO ERM reengineering effort (or for any green field program) is to establish a process for accurately monitoring (measuring) the ever-changing risk and control profile for each business within an enterprise. The above papers will give you the details, but we will boil these down to 4 core strategies over the next couple of blogs.