The International Federation of Risk & Insurance Management Associations (IFRIMA) has released best practice guidelines on how businesses can use enterprise risk management to meet their objectives.
The guidelines were issued following the end of a two-year strategic planning period, as the organisation aims to position itself as an active partner in global risk management.
IFRIMA stressed that risk managers needed to be in senior positions within an organisation to ensure the success of risk management programmes.
“Risk is inevitable in today's business environment,” said IFRIMA president, Susan Meltzer. “It is time to get risk professionals in charge of mitigating the risks they are trained to identify and thereby leverage opportunities that benefit the whole of the company.”
The organisation said the establishment of proper risk management practices could contribute to the overall business objectives of an organisation, establish a consistent and transparent framework for corporate governance, and protect the company from adverse variances and catastrophes.
The best practice guidelines included the following suggestions:
1. Risk identification and assessment. This step includes identification of the significant risks that face the organisation including development of risk registers and risk mapping along with both quantitative and qualitative analysis of the exposures facing the organisation.
2. Risk mitigation strategies. The development of risk mitigation strategies is key to the management of risk issues and action plans need to be included in the overall business plans of the organisation to ensure successful implementation.
3. Residual risk transfer. Once all risk mitigation strategies have been evaluated and implemented as appropriate, the residual risk has to be effectively managed through a combination of insurance, hedging and other alternative techniques ensuring the best possible coverage at the lowest possible transfer cost.
4. Risk reporting. The organisation requires the ability to report on risks internally, specifically to senior management and the board of directors.
5. Monitoring. This part of the process is designed to ensure adherence to and effectiveness and relevance of policies and procedures relating to risk management.
The full guidelines are available from www.ifrima.org.
