This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our privacy policy to learn more.


5 benefits of an integrated risk management program Logo aicpa

  Neil Amato |   Free |   AICPA |   12 Jul 2016 |   Journal of Accountancy

This article summarizes concepts from the proposed COSO framework related to the benefits of integrated enterprise risk management, including reducing negative surprises and improving resource allocation.

Topics covered:
  • Management accounting: Business: Strategy, Foundational
  • Management accounting: Technical: Risk management & internal control: Risk identification & assessment, Foundational

2 Comments/Reflections

Charlotte Leach

Charlotte Leach Sep 2017

Risk management – It’s hard to dictate risk management at the moment I am currently leaving my position tomorrow I start my new job at the end of the month so have no idea what risks I will face when I get there and I will need time to settle into my role and understand the business before I am aware of the company’s risks.
In my current role we have faced many risks which have changed over the years, for example, when I first started the risk was always cash flow. The business I am in is videoconferencing in which we do large jobs for University’s. The jobs can take months to complete and we can only invoice on completion then the Universities are usually on 60 days payment terms which means heavy capital outlay upfront when we may not get paid for another 6 months after job completion and payment due date. This has meant we have always completed cash flows daily and ensured we had regular contact with the bank and the facilities where in place if needed. Later down the line the company was bought out by a bigger company which meant cash flow was no longer the risk. Saying that we still monitor cash flow daily to ensure we don’t take our eye of the ball – knowledge is power.
There are many risks in any business another example in my current company again we are heavily reliant on winning University contracts the contracts equate to around 85% of our turnover. The framework to win the University work is getting increasingly difficult to secure due to increased competition. This year we lost one of our contracts to a competitor but we were aware that this could be the case so bid for another contract with a different body to close the gap. The University has actually been a lot more profitable so has worked out well but there is an increased pressure on customer service, as the contracts are integral to the business, to aid this we have started to ensure the project manager is having weekly meetings with the Uni as well as ensuring we put overtime on to ensure the deadline is completed, along with customer surveys and taking notes on how to improve our customer journey. These are all simple changes that make the difference to the end user.
Businesses need to take risks to be successful especially currently when the exchange rate is fluctuating so much. I think everybody has been affected recently with the uncertainty of outcome from Brexit meaning this year we have been a lot smarter with hedging and securing contracts with the bank for the long term. Again we monitor all of our expected payments out for our overseas suppliers so we can lock in a rate of currency to mitigate surprises.
I am sure the risks will be a lot clearer in my new role once I have settled in and the article will be valuable in spotting these risks. As the article outlines its always important to ensure risks are constantly monitored and evaluated, new risks will crop up all the time but the ensuring you know the inside and out of the business will ensure you are one step ahead at all times internally to stop these surprises. Reading articles and monitoring political updates will be a huge part of this to help with risks outside the organisation.
Tshepo Irvin Direro

Tshepo Irvin Direro Aug 2017

Integrated risk management had the following benefits for my organisation:

It allowed us to proactively identify the changes in the BBEEE( Broad Based Economic Empowerment Act which required organisations to meet a certain quota of black people (Chinese, Colored, Indian, and African) and women in management position and normal employees. The fine was a higher of R1000,000 or 10% of revenue for companies which didn't comply. We actively reduced the risk through discussions, the budget was created for HR to undergo the training on how to implement the new legislation and hence the risk was reduced to an acceptable level. 

The law also changed with regards to the recruitment of foreign nationals which required the employees to have the critical skills as published by the department of Home affairs. Most of the employees were foreign nationals and lost their working permit as a result and the company became understaffed. The fact that the company was understaffed was identified through root cause analysis. The company started to recruit and train local employees to mitigate the risks because with foreign nationals there was an administrative burden. The quality improved as a result because the risk of shortage of employees was reduced.