Easy as 1... 2... 3!
- Establish your ERM group (panel, committee) - or have an existing group take responsibility for ERM
- Generic Panel Nomination Letter (doc)
Need a champion to help you get this started?
Contact Grace Crickette at (510) 987-9820 for assistance.
- Write your charter
- Develop a Work Plan (Plans may be used in conjunction with, or independent of, each other)
- Plan 1: Based on the COSO Framework Sample Work Plan (doc)
- Environment/Objective Setting: Describe the "Tone at the Top", Organizational Objectives, and the ERM Initiative Goals
- Event Identification/Risk Assessment: Describe how you are going to recognize and catalogue internal and external events that could impact achieving objectives and how you will assess them
- Risk Response/Control Activities: Develop a plan that assists individual units and key process owners to identify and assess risk and develop action plans to mitigate the identified risk
- Information & Communication: Describe how information will be communicated throughout the organization
- Monitoring: Develop measures for monitoring risks and key controls and communicate findings on an ongoing basis
- Plan 2: Based on Supporting Objectives and Strategic Goals of Your Organization – that still encompasses the COSO Framework – Sample Strategic Goal Plan (doc)
- Define the Organization's Strategic Goals and Objectives: A Strategic Plan is likely to have been completed by your organization, so the primary initial action required by the ERM group is to ensure that they understand the goals and objectives and can correctly articulate and communicate them
- Develop a survey process: Examine individual units' goals, objectives and operating plans to determine if they support your organization's goals and objectives. Sample Survey (doc)
- Identify the Risks: Identify individual units' risks that might stop them from meeting their goals and objectives.
- Identify the controls and develop mitigation plans: Identify how the risks are currently managed and how they might be improved.
- Monitor: With the unit, establish an ongoing risk management program.
- Understand and Develop Risk Assessments
Tip: Start small, but think BIG
Look at an existing program or initiative that could benefit from ERM and start with just focusing on one area. Example: Safety Programs, Training Programs, Effort Reporting, Workers' Compensation, Contract Management.