- LATEST BLOG POST
- echo $post_date ?>
- Cultural Entropy and Risk Management are intertwined. Cultural entropy is defined as the amount of energy in an organization that is…
- Read More
Integrated and convergent risk approaches need some discussion. Are they so different? And what about the good old Enterprise Risk Management (ERM)?
In our modern society, organizations require a 360-view across all business units, risks and compliance functions. ERM approaches should cover that.
Experience shows that oftentimes ERM does not cover key business partners, suppliers and finally outsourced entities, the “Enterprise” (system) definition remains implicit. Thus there is no 360-view across business units, risks and compliance functions.
Maybe that was the driver to create new names for more comprehensive approaches.
Gartner defines the Integrated Risk Management (IRM) objective as to enable the simplification, automation and integration of (strategic, operational and IT) risk management across an organization.
Solutions working in that direction are IRM solutions. Such solutions should:
Beside the fact that this should be done through a specific technological solution, there isn’t much new in this definition with respect to the good old ERM, isn’t it?
IRM is good for your business provided it does not miss, again, some important targets we will discuss below.
Convergent Risk Management approaches tout to achieve streamlining by bringing all risk information under the same roof. That allows better risk informed decision making.
Here again nothing really new, aside the very important idea to use a single platform.
The denomination came perhaps as a result of numerous mishaps due to the “siloed” culture, among which we can cite:
It seems that once again the risk community is trying to sell common practice by changing the name and putting a couple new finishing touches. That is likely because the definitions of Integrated and convergent risk approaches are missing a few important points.
Indeed, as it stands now, we do not see any characteristics of the IRM following Gartner’s definition that would warrant a “new name”. The main notable element is that IRM should “look outside” the system. Frankly, no need to invent a new name. A good old ERM could work, with a proper definition of the system and success/failure criteria. Define the system first, develop success and failure criteria, and of course, develop a single platform.
As far as per convergence, well, the idea of having everything on the same platform is indeed important. See above for expalnations.
At Riskope we have fostered for over twenty years some aspects such as:
Neither integrated nor convergent literature references quote these paramount points.
Our “universal” ORE platform is indeed a convergent and integrated solution and we have been pushing forward with it for the last couple decades.
I find astonishing that no one cites paramount characteristics that a modern platform should have, around which the ORE platform has been created, namely:
For relatively small systems, like a productive operation, a logistic hub, or a cluster of relatively small operations, we can implement ORE “manually”. That means use a “worksheet-based” approach which keeps the deployment cost to a minimum.
A software upgrade is necessary for larger systems. Thanks to the pairing with a specific Business Intelligence software which seamlessly integrates the ORE framework there is no limit to size of the system we can analyze.
Welcome to the world of BI-ORE the ultimate solution for corporate Integrated and Convergent Risk Management.
Contact us to learn how BI-ORE, the ultimate solution for corporate Integrated and Convergent Risk Management, will change your understanding of your risk landscape and allow you to surpass your competitor.