LP-Risk
(Lateral Praxis – Risk Monitoring System) increase risk oversight and drive performance improvement
Risk Architecture of a group enterprise
Audit committee
The Board Overall responsibility
Receive routine reports from GRMC
Ensure risk management is embedded into all processes and activities
Set annual audit programme and priorities
Review group risk profile
Provide risk assurance to the Board
Monitor progress with audit recommendations Oversee RM structures and processes
Risk Culture Group Risk Monitoring Committee
Failures in risk culture were the primary cause of the credit crisis of 2008. It is easy for large, disparate group companies to fall into several behavioural traps that lead to poor decision making. Enterprise Risk management processes can prevent such pitfalls if implemented with commitment from the board.
Formulate strategy and policy based on risk appetite,risk attitudes and risk exposures Receive reports from business units, review risk management activities and compile the group risk register Receive reports from business units and make reports and recommendations to the Board Track RM activity in the business units and keep the risk management context under review
Disclosures Committee Review and evaluate disclosure controls and procedures Consider materiality of information disclosed to external parties
Business Units Produce BU-specific policy statements, as necessary Prepare and update the business unit risk register
Direct & Monitor
Set risk priorities for business unit
Reports & Evaluation
Monitor projects and risk improvements Prepare reports for GRMC Manage control risk self-certification activities
Background Risk profiles are changing as businesses’ operating models become more globalised, and supply chain and transport networks become increasingly complex, interconnected and interdependent. Major disruptions in the last few years—including the global financial crisis, terrorist scares, flooding in Thailand and the Bangladesh warehouse issues—all of these have heightened public discussion on risk preparedness. Spreadsheets & ledger entries in multi-locations don’t cut it any more. Companies need to create a central framework to continually monitor their internal and external environments and identify potential sources of risk early, assess those risks, and respond based on the organisation’s risk tolerance.
LP-Risk—holistic framework design
LP-Risk is never off-the-shelf
LP-Risk is a risk identification and monitoring solution capable of tying in all three components (Operational, Strategic, & External) via an organisation’s Risk Committee and Chief Risk / Compliance Officer.
Every company is unique. Best practices are a given but Lateral Praxis is always conscious that hands-on customisation is the key to a successful implementation. We consider your needs in the context of: Our complex financial markets Your unique products and services Diverse technologies you work with Your individual appetite for risk Simplicity or complexity of your business processes
“The goal is not to predict what or when – but instead be prepared and able to respond in an informed and planned manner to minimize the impact of a disruption.”
Risk in perspective Steve Jobs was willing to cannibalise his company’s products in the name of progress. Many CEOs would have been hesitant to develop the iPhone, knowing full well that it would help to make the iPod obsolete – but Jobs did it anyway (and took a big bite out of the lucrative mobile market).
Operational Risk Natural Catastrophes
Competitive Environment
Industry maturity
Management Succession
Enterprise Risk
Disruptive Technology
Liquidity Financing Regulatory change
Event Identification Risk Assessment Risk Response
mp
lia
nc
g
Objective Setting
Co
rtin
Re
po
tio era Op
ate Str
Internal Environment
Subsidiary Business Unit Division Entity -Level
Business often means having to take risks. Especially smart ones.
e
Risk Committee Members will view data of the organization as well as for its subsidiaries while preventing reverse access as needed for security. LP-Risk ties in neatly into SAP, ERP & internal auditing solutions, including our own products: LP-Audit & LP-CMS. ns
LP-Risk: Secure multi-level access
The LP-Risk framework must be customised to your need and deployed in a transparent, streamlined process. In line with the internationally accepted COSO ERM framework our processes are: (see COSO cube at right) Establishing Context: Current conditions in which the organization operates on an internal, external and risk management context. Identifying Risks: Document threats to the organization and the representation of areas you may exploit for competitive advantage. Analysing/Quantifying Risks: Creation of probability distributions of outcomes for each material risk. Integrating Risks: Aggregation of risk distributions, correlations, and impact on KPI. Assessing/Prioritising Risks: Determination of the contribution of each risk to the aggregate risk profile, and appropriate prioritisation. Treating/Exploiting Risks: The development of strategies for controlling / exploiting various risks. Monitoring and Reviewing: Continual measurement and monitoring of the risk environment and the performance of the risk management strategies.
gic
Risk Identification & Quantification
Control Activities Information & Communication Monitoring
Training, Support & Updates LP-Risk support means hands-on training and regular updates. Remotely administered software upgrade patches are effortless and never disrupt client operations.
The Leadership Challenge Managing risk is very different from managing strategy. Risk management focuses on the negative—threats and failures rather than opportunities and successes. It runs exactly counter to the “can do” culture most leadership teams try to foster when implementing strategy. By definition, businesses need to balance risk exposure to stakeholder value. Sample heat mapping screen
LP-Risk Dashboards and action screens Our LP-Risk dashboards are executive information systems that enhance visibility of performance and allow tracking of your key risk performance indicators. Collating data from disparate systems, our dashboards present a unified view of the information. We enable your risk committee, directors, managers & users to have a personalised insight of their risk status and quickly spot problems before they adversely affect the business. Your dashboard will: Allow the Risk owner to set out the Risk Mitigation Plan Define mitigating actions for the risk Set frequency of execution, target date with auto-reminders Allows computation of the cost of mitigation Single screen view, including collapsible subsidiaries’ information, with overall status Links to SAP, LP-CMS & LP-Audit—our internal auditing solution Provides easy pick of risks from organization’s environment to subsidiary’s environment Links with the companies’ HR database. The latest employee status is reflected and risks can be re-assigned as needed
The LP promise Reliable, actionable information, provided in a consistent, rule-bound time line.
Your Gain Economic in cost, time & resources. Low TCO, Low implementation period, Low IT footprint A secure, consistent, dependable risk monitoring process for the enterprise and subsidiaries Prevent duplicitous monitoring of business processes and meet reporting requirements A secure, succession-proof knowledge repository allowing smooth, secure employee changeovers Risk perception: despite the quantifications and metrics, risk perception is mostly a people driven, cultural ethos; part of a company’s DNA. Shoehorning an organisation into a pre-configured ERM process delivers very little. Implementation to us, means getting involved with your company and translating your risk perception into a unique process that you know covers all areas that concern you, in the priority you choose.
We are good at this —call us.
inclusive innovation CenterPoint, MVIRDC, World Trade Centre, Centre 1, 1st Floor, Cuffe Parade, Mumbai - 400 005, Maharashtra, INDIA Tel: +91 22 6638 7272 Fax: +91 22 2218 8175 email: preet@lateralpraxis.com Website: www.lateralpraxis.com