Case Study: Sustainability's Corporate Evolution (Essay Sample)


(A) Explain how the COSO ERM Framework enables the organization:-
(i) To establish the relationship of key risks across the business;
(ii) To identify, address and monitor uncertainties;
(iii) To be able to downside risks;
(iv) To meet the vision and mission effectively;
(v) To enhance compliance and reporting;
(vi) To ensure productivity is at the highest level;
(vii) To provide a systematic integration of sustainability into a COSO-based ERM; and
(viii) To provide additional strategic and operational leverage for businesses as they seek to succeed and grow in today’s complex world.


* Explain how the COSO ERM Framework enables the organization
* To establish the relationship of key risks across the business
Through COSO ERM, organizations are able to view risks holistically and in an integrated manner. The point to understand is that the whole risk is not equivalent to the sum of its parts. Organizations need to understand the individual elements of the risks and how they interact, whether as natural hedges or as mutually amplifying risks, in order to understand the risk portfolio (Purcell, 2016). This conceptualization of risk interaction across the business is done by breaking down silos.
One of the simplest ways for organizations to consider the interaction of risks is to group related risks into one broad area, for example grouping risks related to vendor concentration, distribution channel and sourcing into supply chain risks, and then to respond by assigning oversight and ownership of the risk area (Roebuck, 2017). Organizations capture risk interactions, at increasing levels of richness and complexity of information, through bow tie diagrams, correlation matrices and risk interaction maps.
Risk interaction map - This represents the risks graphically, with the same list of risks on both the X and Y axes. An indicator is then used to mark the risk interactions (Purcell, 2016). Where historical data is available, a correlation matrix expresses risk interaction quantitatively. This method is mostly applicable to a particular category of risk, such as market risk. However, there are some challenges in establishing the relationships between risks: the future relationship may not be indicated by the causes of previous risks, historical data may be lacking, timeframes may differ, and an enterprise assessment involves a large number of risks.
Figure 1 (Source:
Bow tie diagram - These consist of elements showing the chronology of events that happen as a result of an occurrence, and are essential for identifying and assessing risk responses and risk indicators (Purcell, 2016). They are usually qualitative diagrams or are meant to serve as quantitative models. A bow tie is usually a combination of a fault tree, which is a model used for event analysis or a list of different events that can result in a hazard, and event trees, which are used to model the sequence of occurrences arising from a single risk.
Figure 2 bow tie diagram (Source:
* To identify, address and monitor uncertainties
This is done through the risk assessment process put in place by the COSO Enterprise Risk Management (ERM) Framework. According to the framework, the assessment begins with identifying the risk and ends with the response to the risk, and it is done both individually and collectively so that management can focus on the most critical threats and opportunities and prepare the groundwork for the risk response (Purcell, 2016). This process of risk assessment is mostly concerned with measuring and prioritizing risks in order to manage risk levels within a defined threshold while avoiding control and using the desirable opportunities (COSO Enterprise Risk Management — Integrated Framework, 2020). Some activities call for a risk assessment, such as when an ERM is being established, an acquisition or a merger, a new project startup, a restructuring, a periodic refresh or even a divestiture. Some risks require recurrent assessment and monitoring because they are dynamic, like market and production risks, while others are static and require reassessment periodically.
Figure 3: Risk assessment flow diagram (Source:
Risk identification - This is the process that precedes the assessment of the risks, because it produces the list of risks involved as well as the opportunities, if any. Once identified, these risks are grouped into categories and subcategories (Steinberg, 2015). The categories include compliance, strategic, operational and financial, while the subcategories can be liquidity, credit and market, across sections such as capital projects, corporate functions and other business units. This stage is used to broadly understand the risks affecting the business, and though this is essential to the organization's management at the business or function level, the key risks need to be prioritized for the board and senior management. This is achieved through the assessment of the risk.
Assessment criteria development - This involves coming up with a set of criteria for the risk assessment, which is usually deployed across the business units, capital projects and corporate functions. Risk and opportunity assessments are usually done on the basis of their impact and likelihood of occurrence (COSO Enterprise Risk Management — Integrated Framework, 2020). A business enterprise can extend the risk evaluation with extra dimensions such as speed and vulnerability.
Risk assessment - This involves assigning values to the identified risks and opportunities based on the criteria identified, and can be done in 2 phases: phase 1 involves qualitative initial risk screening techniques, and phase 2 involves quantitative analysis of the most important risks.
Risk interaction assessment - Risks don't occur in isolation, which has pushed companies to recognize the significance of managing risk interactions. Even though some risks may appear insignificant, they have the potential, when interacting with other conditions and events, to lead to damage or even to create opportunities (COSO Enterprise Risk Management — Integrated Framework, 2020). This assessment is usually done through bow tie diagrams, aggregated probability distributions and risk interaction matrix techniques.
Risk prioritization - This involves determining risk management priorities by comparing the risk levels to the pre-established anticipated risk levels as well as the tolerance thresholds (Purcell, 2016). Risks are viewed not only on the basis of probabilities and financial impacts but also on the impact on reputation, safety and health, as well as the speed of onset.
Risk response - The final results of the assessment process act as the input to the risk responses, through analysis of the response options, which can be acceptance, reduction, sharing or avoidance of the risks identified (Steinberg, 2015). A cost-benefit analysis is performed, followed by formulation of a response strategy and then development of plans for the risk responses.
* To be able to downside risks
Every business faces uncertainties, and it is management's responsibility to ascertain the amount of risk that the company can accept as it raises its value (Purcell, 2016). The business ought to identify the opportunities associated with the risks so as to enhance value. COSO ERM enables downsiding of the risk through:
Seizing opportunities by considering the organization's risk capabilities and the opportunities available to it. Aligning the risk appetite with the strategy, with management evaluating strategic alternatives and coming up with related objectives and risk management mechanisms. COSO ERM also helps to enhance decisions on risk responses, including whether the organization needs to accept, share, avoid or reduce the risks encountered. Additionally, companies acquire enhanced capabilities to identify potential events or risks, which helps reduce surprises and the associated losses or costs and establish the required responses (COSO Enterprise Risk Management — Integrated Framework, 2020). Further, the organization uses the ERM framework to identify and manage multiple risks across the enterprise, responding to the connected impacts and integrating the responses to the risks. Lastly, by gaining robust information about risk, management is able to successfully evaluate the capital needs of the organization and increase capital allocation.
* To meet the vision and mission effectively
The COSO ERM framework emphasizes helping the organization better understand how the set vision, mission and core values provide the foundation for understanding the types and amounts of risk that are admissible during strategy setting (Steinberg, 2015). This foundation gives three different ways in which risk may arise in the process:
* The possibility of objectives and strategy misalignment to the mission, vision and core val...

