Put focus on risk management
By Debra Magallon Estero
AN ACCOUNTING, tax and business advisory firm has observed that there is a need to reposition internal auditing practices to focus on risk management.
At present, management teams in companies concentrate more on internal auditing without understanding why there is a need to do so, said Juan Carlos Robles, a partner of the Punongbayan and Araullo firm, handling business risk services.
Based on a survey, 40 percent of board members of different companies do not understand a company’s major risk factors, he added.
Objectives
Robles explained that traditionally, companies immediately proceed to identify the different risks that a company may encounter without first identifying a set of objectives a company wants to achieve.
In its current state, approaches on risk management cater to the preservation of company resources.
During the opening of a five-day-long seminar on value generation by Punongbayan yesterday, however, Robles said the future state of risk management is enterprise-wide and aims not just to preserve but also to create value generation.
Risk, as defined by Robles, is the possibility of something good or bad happening while trying to establish something.
An enterprise-wide risk management system (ERM) will cover various departments within the company like strategic, financial and operations management, he added.
An ERM will also establish a competitive advantage for the company since it will allow it to integrate business and strategic planning. Costs of managing risks will also be optimized, Robles said during the session.
Robles, though, said there are a number of off-the-shelf ERM solutions, but companies who go for these products are "setting themselves up for disappointment" in the results they get.
"No two ERM solutions are alike," he told the seminar participants at the Cebu Parklane Hotel, explaining that even if the companies are of the same industry, they will differ on business objectives and strategies.
He advised against companies copying another company’s risk business model. Instead, he proposed adopting a generic framework applicable to the company.
Based on a Paul J. Sobel risk management guide, Robles suggested a framework which will allow companies an enterprise-wide approach on risk management.
He said objectives to be set should focus on different categories like strategic and operations management, reporting and compliance with laws and regulations.
"But don’t limit to these categories," he said.
It is also important that the objectives set will drive the vision and mission of the company. With an ERM, the company benefits from a strengthened internal control system as well as prevention of fraud, he said. (DME)
(As published in Sun Star Cebu, 6 May 2008.)