HOME         ABOUT US         NEWS & EVENTS         MEASURABLE DIFFERENCE         CONTACT         JOIN OUR TEAM
Brown Smith Wallace LLC
  HOME  > RISK SERVICES  > Enterprise Risk 


Enterprise Risk Management

Enterprise risk management (ERM) is the process of planning, organizing, leading and controlling the activities of an organization in order to minimize the effects of risk on an organization's capital and earnings. Enterprise risk management expands the process to include not just risks associated with accidental losses, but also financial, strategic, operational, and other risks. We have found that there is a wide-range of views on what ERM is and how it should be implemented within an organization. Ultimately, it comes down to identifying how ERM fits within the culture of the organization and focusing on objectives that the company is trying to accomplish. These objectives often include:

  • Management and Board alignment in understanding an approach to risk
  • Increased focus on managing risks associated with strategic objectives
  • Improved risk weighted approach to evaluating capital decisions
  • Increased ownership and accountability for managing risks
  • Opportunity to challenge areas where the company may be able to increase risk

We believe that ERM should be customized to a company’s environment and that it should evolve over time to fit the maturity and needs of your business. This may include:

  • Incorporating ERM into your strategic planning and deployment process
  • Incorporating ERM into capital decisions
  • Performing periodic updates of the enterprise risk assessment
  • Performing risk assessment audits or management assessments

Enterprise Risk Assessment

We can help you develop and conduct a cost-effective enterprise risk assessment that will help you position the organization to understand and effectively manage risk and improve performance. Enterprise Risk Assessments help companies:

  • Understand the significant risks facing the organization
  • Prioritize risks in terms of severity of impact and probability of occurrence
  • Focus more detailed process risk assessments where risk is determined to be significant
  • Identify opportunities to improve internal controls and other risk management activities
  • Identify opportunities that may exist to improve efficiency, streamline workflow and enhance performance

Our enterprise risk assessment methodology provides a consistent approach to evaluating risk and identifying opportunities to improve processes. Deliverables include a risk profile, which serves as the foundation for developing a risk-based audit plan, identifying needed management initiatives and generating specific recommendations for performance improvement.

Risk Based Audits

Our internal audits are designed to take a risk-based approach to evaluating the area(s) under review. Our approach includes the following:

  • We identify potential risks to the achievement of goals and objectives. Through discussions with management, internal control guides and our experience with other similar organizations, we identify risks related to financial, operational and compliance objectives for the areas being reviewed.
  • As risks are identified, we evaluate the overall impact the risk could have to the process and the likelihood that the risk will occur.
  • As we gain an understanding of the policies, procedures and practices for the areas under review, we identify internal controls that have been put in place to mitigate the relevant risks.
  • During our procedures we evaluate the design of internal controls to determine effectiveness at mitigating the relevant risks. In addition, we also perform tests to evaluate whether controls are operating as described.

We have found this approach ensures audits are focused on areas of greatest risk and opportunity, which results in more valuable feedback to management and a more cost-effective audit.

ERM Program Development

We will help you develop an effective ERM program that coordinates your various risk positions into a coherent system of checks and balances. One of the problems inherent in the implementation of an enterprise risk management (ERM) program is creating protocols that are compatible with your organization's existing structure and long-term attitudes about risk. 

Business Process Assessment

As companies grow, their needs change and processes must be adjusted to support the business. Far too often these changes are made in a patchwork manner and result in processes that are costly and inefficient or ineffective in meeting the needs of the company. When performing a process improvement engagement, we evaluate the effectiveness and efficiency of each process, focusing on the following:

  • Goals and objectives and effectiveness of measuring and monitoring progress
  • Organization structure and alignment with the company's strategies and organization structure
  • Staffing levels, roles and responsibilities, knowledge, and training for personnel
  • Use of technology to enable the process
  • Design of process, including policies, procedures and related internal controls
  • Segregation of duties 
  • Identification of potential risks and opportunities associated with each process area

Fiduciary Risk

With heightened governmental scrutiny and increasing ERISA litigation, fiduciary risk is a growing concern for those with retirement plan responsibilities. Vulnerability often stems from inadequate definition of the legal obligations fiduciaries have and from inadequate fiduciary procedures.

We focus on the interests of plan participants and beneficiaries and generate effective and properly designed training, systems and processes for meeting fiduciary requirements. This usually results in a reduction of fiduciary risk.

The most important step in successfully fulfilling fiduciary responsibility is to formally establish and maintain processes and procedures that focus on the interest of the plan participants. Those processes and procedures should be tailored to your organization's unique structure, operations and applicable regulations. We can help you with:

  • Fiduciary Investigations
  • Fiduciary Reviews
  • Fiduciary Governance and Structuring
  • Fiduciary Training 

Technology Risk

Our technology risk team focuses on assisting companies in managing technology risk, improving processes and internal controls, maximizing return on their ERP investments and complying with the provisions of Sarbanes-Oxley. At Brown Smith Wallace, we are able to provide a full spectrum information technology audit team with specialist capabilities in all major technical competencies (e.g., infrastructure, operating systems, applications, databases, etc.).

We help organizations of all sizes and provide a wide range of cost-effective technology risk management services. Our services are designed to provide successful evaluation, review, monitoring and maintenance of your systems with minimal disruption to your daily operations.

Construction Risk

We provide companies with construction risk management by identifying and analyzing potential risks that may occur throughout the construction process. We perform risk assessments on construction projects to help you prevent and mitigate potential costly delays and disruptions.

Our construction risk team brings extensive experience gained in adapting to the complexities of construction projects while maintaining our proven practices and procedures throughout your construction process.

To see how we make A Measurable DifferenceTM Contact Us

 

 HOME | TAX | AUDIT | RISK | FINANCIAL ADVISORY | RECESSION | INSURANCE 
NOT FOR PROFIT | INDUSTRIES | AFFILIATES | PRIVACY | LEGAL | SITE MAP

Thursday July 29th 2010 09:15:01 am


ST. LOUIS 314.983.1200
ST. CHARLES 636.255.3000
HIGHLAND,IL 618.654.3100
TOLL FREE 888.279.2792

Ted Flom
CPA, CISA,CIA
Member in Charge
314.983.1294
tflom@bswllc.com

Anthony Munns
CISA, CIRM, CITP
Risk Services
314.983.1297
amunns@bswllc.com

Chris Menz
CPA
314.983.1227
cmenz@bswllc.com

Get More Information