As pools and their public entity members consider utilizing enterprise risk management (ERM) concepts, they should think both about the value of the process overall and the details of effective implementation. Fortunately, with a tool now being developed by two risk pools, engaging in ERM may soon be an easier and more valuable process for public entities to perform.
AGRiP Executive-Level QEI Patron Origami Risk recently published a blog post advocating an ERM approach that, among other things, (1) aligns with organizational objectives, (2) includes both the upsides and downsides of risk, and (3) avoids relying on static risk assessment “snapshots.”
When implemented in this way, ERM is much more than the “heat maps” traditionally associated with it as a decision-making process. This broader form of ERM is particularly useful in the public entity environment, where competing values and objectives, as well as limited budgets, are the norm.
This perspective is favored by both Citycounty Insurance Services (CIS) and the Virginia Risk Sharing Association (VRSA), two pools using ERM to guide their internal decisions. Steve Craig, VRSA’s managing director, cites two examples of ERM in action at VRSA: decision processes for quoting a prospective high-risk member and exposing additional assets to equity risk.
Now, to help their public entity members also reap the benefits of ERM done right, CIS and VRSA have teamed up to develop ERM software specifically designed for use by pools and public entities of all kinds. Their collaboration, which is already well under way, is bringing forward funding and insight from both pools to benefit their members. Scott Moss, CIS’s property/casualty trust director, sees the software as a way to break through members’ perceptions of ERM as hard to accomplish or lacking a tangible, valuable outcome.
The software tool will allow pool members to evaluate new programs and projects through an ERM lens, produce action plans to take advantage of opportunities, and mitigate threats to the success of their undertaking. For Moss, the process is in keeping with his definition of ERM as an organization-wide approach to assure all decisions are risk-based and that risks align with organizational objectives.
A member entity using the tool will input relevant information, including organizational objectives. From there, the entity will be able to look holistically at any project decision by inputting 11 types of information into the software:
- The department/division for the project and its objectives
- The organizational objectives that apply to the project
- The project team
- The governance interest (known as “risk appetite” in ERM)
- The management interest (known as “risk tolerance” in ERM)
- Internal influences
- External influences
- An action plan for those opportunities
- A treatment plan for those threats
At each step, a brief video will help users understand the inputs needed and how they contribute to the overall ERM assessment.
Outputs will include a project plan for the decisions, analysis of how decisions align with departmental and organizational objectives, expected budget and staffing, and an estimated dollar amount for unknown contingencies.
Moss estimates running a decision through the software will take 30 to 45 minutes.
The software’s framework is complete, and it is now up to both pools to customize the program to meet their needs. For example, the software allows each pool to include its own branding and ERM terminology in the system. Additional work to customize reporting is also anticipated.
For more information about this collaborative project, contact Scott Moss or Steve Craig.