RMSS Logo
Sign In  |  Register    
News > In The News > What is Enterprise Risk Intelligence (ERI)? An article by Andrew Howarth, CEO
 

What is Enterprise Risk Intelligence (ERI)? An article by Andrew Howarth, CEO

Date: 31.07.14 - Thursday

The concept of Enterprise Risk Intelligence (ERI) as an active business practice is emerging throughout the world as organisations begin to realise the value of integrating the previously disparate functions of Compliance, Event/Incident and Risk Management.

This integration delivers much more power than the individual value of the three functions, even if they are being managed effectively in isolation.

To understand why the term Enterprise Risk Intelligence encompasses significantly more than other frequently used terms in the market such as Governance, Risk and Compliance (GRC) or Enterprise Risk Management (ERM), it is necessary to truly define the term.

Close examination of the word ‘Enterprise’ reveals that it incorporates every aspect of the organisation, rather than simply a strategic focus on senior management or board reports. Other terms that use the word ‘Enterprise’ commonly make the assumption that it represents only the larger inherent risks, major loss events or significant compliance breaches summarised in a high level and conceptual manner.

However, simply producing an unchanged risk register of twelve or fifteen issues month after month does not provide a true picture of an organisation’s position. In true Enterprise Risk Intelligence, ‘Enterprise’ is inclusive of all strategic and operational risks, events and compliance obligations of an entire organisation.

To truly understand the term Enterprise Risk Intelligence, ‘Risk’ and ‘Intelligence’ are best examined together. An isolated examination of ‘Risk’ may lead to the common misconception that this practice it is simply about Risk Management. The recognition of risk intelligence as a business process is central to understanding what Enterprise Risk Intelligence really means.

Risk Intelligence’ is:

  • how an event/incident (a risk that eventuated) informs us about how effective our organisation’s risk management actually is;
  • the method of identifying breaches in compliance obligations as a risk;
  • the approach of risk assessing compliance obligations in order to prioritise the breach and the corrective actions;
  • the technique of escalating events on the basis of risk (potential outcome) not just severity (actual outcome).

Integrating this critical ‘Intelligence’ from the three disciplines makes each function significantly more effective and valuable to the business than operating them in isolation.





RMSS has several clients operating a full Enterprise Risk Intelligence model, and these organisations are experiencing tangible benefits. We are certainly seeing a progression of businesses implementing full Enterprise Risk Intelligence processes and several clients have begun the journey to deliver best practice Enterprise Risk Intelligence with RMSS’ assistance. Our risk, compliance and event/incident management software facilitates the passage to Enterprise Risk Intelligence in a staged manner that ensures painless and straightforward change management.

Best practice organisations are accepting the need to integrate previously disparate business processes and are recognising the value of embracing true Enterprise Risk Intelligence.

About the author – Andrew Howarth

Andrew Howarth is the founder and CEO of RMSS. Andrew’s achievements include over 18 years in senior risk management roles with multinational organisations throughout Australia and Asia. At RMSS, Andrew’s expertise in implementing enterprise risk management solutions has assisted clients across a broad range of industries to more effectively manage their organisational risk. In addition to Andrew's experience in the field of risk management, he has formal qualifications in the form of a Master of Business and Technology (Risk Management) from the University of New South Wales. Andrew is also a regular speaker on risk management and enterprise risk intelligence related topics, recently presenting at the Australasian Compliance Institute networking seminars, the National Self Insurers Summit and the Annual Chartered Practicing Accountants conference.