In a world of increasing complexity and uncertainty, companies must manage risk more rigorously than ever. To do so, it is imperative that a company is structured to provide the clearest controls on risks and deliver transparent reporting to stakeholders. Passively complying with rules and regulations is no longer an option. This fully updated fourth edition provides a unique assessment of the potential areas of risk that can face an organization in the modern business world, drawing on expert advice from leading consultants, lawyers, regulators and risk management specialists.
Half title pg......Page 1
Title pg......Page 3
Imprint......Page 4
Contents......Page 15
Foreword......Page 25
Contributors’ notes......Page 28
Introduction......Page 45
Part 1 Risk Management Strategy and Corporate Governance......Page 47
1.1 Evolution in risk management......Page 49
Standards......Page 51
European directives......Page 52
The latest changes and developments in risk management in Europe......Page 53
Your dialogue with the insurance industry......Page 54
Introduction......Page 56
Getting the balance right......Page 57
The role of the board in practice......Page 58
The objectives of the CIMA Strategic Scorecard......Page 59
The four dimensions of the scorecard......Page 60
The scorecard in practice......Page 61
Current developments......Page 62
Conclusion......Page 63
Background......Page 64
Company law......Page 66
The Combined Code......Page 67
The Listing Rules, Disclosure Rules and Prospective Rules......Page 69
Guidelines from shareholder groups......Page 70
The UK and United States compared – the international dimension......Page 71
Current developments – where corporate governance law is going......Page 72
Introduction......Page 75
Drivers of risk management for small businesses......Page 79
Risk management for small businesses......Page 80
Conclusion – why a small business should develop a strategic risk management strategy......Page 84
1.5 Risk management: failing to address the current risk agenda......Page 85
Time for a deSOX......Page 87
Airing the dirty linen in public......Page 88
‘The end is nigh’......Page 90
A new start, not a conclusion......Page 92
Part 2 Good Practice in Implementing Risk Management Strategies......Page 95
2.1 Enterprise risk management and business performance optimization......Page 97
Identifying value drivers......Page 98
ERM and EVA: opportunities for improving business performance......Page 99
Conclusion......Page 102
Introduction......Page 103
Why collect information in a scorecard form?......Page 104
Framework to create the environment to get it done......Page 105
How did we achieve this?......Page 106
Conclusion......Page 112
Risk and risk management......Page 114
Integration of risk in the company......Page 115
Implementation of an integrated CRM......Page 117
Aggregation of chances and risks for the allocation of risk capital......Page 121
Conclusion......Page 123
Board accountability......Page 125
Identifying responsibility......Page 126
Contracts......Page 127
Case study: Airbus (delivering a product)......Page 129
Procuring a service or product......Page 130
Case study: Terminal Five (procurement of services)......Page 131
Conclusion......Page 132
Management adage......Page 134
Management systems......Page 135
Measurement......Page 138
Assessment......Page 139
Assessment programmes......Page 145
Summary......Page 147
Heritage can count for (almost) nothing......Page 148
Case study: Kodak comes through with flying colours......Page 152
Three golden rules of reputation protection......Page 153
Part 3 Risk Issues in Operational Management......Page 155
Introduction......Page 157
The characteristics of operational risk......Page 160
Managing operational risk......Page 162
Conclusion......Page 165
3.2 Origins of risk in the supply chain......Page 166
Implications of risk......Page 167
Tackling supply chain risk......Page 168
Conclusion......Page 171
Specifi c risks of syndication......Page 173
What are syndicated services?......Page 174
Client risks......Page 176
Exclusion zones and contention......Page 179
Summary......Page 180
Conclusion......Page 182
3.4 Quality risk......Page 183
Managing quality risks......Page 184
Understanding the customer need......Page 185
Establishing capability......Page 188
The importance of management systems......Page 189
Introduction......Page 191
The five pillars......Page 194
Culture and behaviours......Page 197
A new model......Page 198
3.6 Consolidating operational risk......Page 199
Describing the overall risk of the organization......Page 200
This chapter has only scratched the surface…......Page 203
3.7 Managing the sticks and the stones: bouncing back from a crisis......Page 205
The aftermath......Page 206
An integrated approach......Page 207
A survival strategy......Page 208
Bouncing back......Page 210
Part 4 Risks for Financial and Corporate Managers......Page 213
How insurance can and should play a part in mitigating the operational risks faced by funds and fund managers......Page 215
4.2 Top priorities for internal......Page 220
Raise the bar – live up to heightened expectations......Page 221
Revisit the charter and reporting relationship - validate purpose and position......Page 222
Communicate – sharpen dialogue with senior management and the audit committee......Page 223
Act as a change agent – facilitate positive change......Page 224
Drive effi ciency – ‘work smarter’......Page 225
Build talent – attract, develop and retain the best......Page 226
Strengthen quality processes – focus on continuous improvement......Page 227
Measure performance – add value......Page 228
Conclusion......Page 229
4.3 Regulatory risk – senior managers, systems and controls in financial services firms......Page 231
Case study: The risks (1) – L Limited (fined £63,000)......Page 232
Case study: The risks (2) – Mr N......Page 236
ARROW II visits......Page 238
The Markets in Financial Instruments Directive (MiFID)......Page 239
Preface......Page 241
The cost of confl ict......Page 242
Is there any good news?......Page 244
How to get there......Page 245
Conclusion......Page 248
Introduction......Page 249
Standard exclusion provisions......Page 250
Post-notification matters......Page 253
Conclusion......Page 254
HM Revenue and Customs in the UK......Page 255
US regulatory framework......Page 256
A framework for taxation risk management......Page 258
Tax shouldn’t be taxing…......Page 262
Introduction......Page 263
Quality of performance – products and services......Page 265
Quantity delivered......Page 268
Time for performance......Page 269
Conclusions......Page 270
Part 5 Risks in Innovation and Expansion......Page 273
Introduction......Page 275
Managing risk within an innovation project......Page 276
Managing the risk of innovation investment......Page 281
Shaping the private market......Page 290
A discretionary spend?......Page 296
Conclusion......Page 298
Introduction......Page 300
The numbers......Page 302
Case study: Parallel trading......Page 303
IP protection recommendations......Page 305
Conclusions......Page 306
Assessing the risks......Page 308
Warranty protection – risk allocation and transfer......Page 310
Risk transfer......Page 311
Competitive advantage......Page 312
Part 6 Employment and Human Relations Issues......Page 315
6.1 Management fraud – your boss is involved......Page 317
What the DDA covers......Page 322
Dealing with access to your premises......Page 325
Checklist of issues......Page 328
Introduction......Page 329
The migration from defined benefit to defined contribution......Page 330
Trust versus contract arrangements......Page 331
The trustee professional......Page 332
Trustee protection......Page 333
Introduction......Page 335
What is meant by the term ‘stress’......Page 337
The potential benefi ts from taking action......Page 339
The law on stress......Page 340
Who should be involved......Page 345
Making the strategy work and reaping the benefits......Page 347
Yes, it will affect you......Page 350
Justification......Page 351
Recruitment......Page 352
Enhanced redundancy pay......Page 353
Retirement......Page 354
Part 7 Areas of Risk in IT Management and Usage......Page 357
Introduction......Page 359
Business drivers......Page 360
IT risk in a changing business environment......Page 361
Risk assessment process......Page 364
Summary......Page 367
7.2 Replicating data for business continuity......Page 368
The power of replication......Page 369
The disaster-tolerant solution......Page 370
Case study: Elsevier......Page 371
Case study: Shoosmiths......Page 373
7.3 Information security governance and The Wealth of Nations......Page 374
Relate this principle to information security......Page 375
How this may best be done......Page 376
The context: why wireless?......Page 380
The advent of wireless......Page 381
Managing wireless risks......Page 382
Prepare for the wireless future......Page 384
7.5 The evolution of biometrics: why increased security could present the greatest risk of all......Page 387
Defining ‘biometrics’......Page 388
The biometric recognition process......Page 389
How identification technology can improve risk management......Page 391
Risks of biometrics......Page 392
Conclusion......Page 394
Part 8 Aspects of Environmental Risk......Page 397
8.1 Managing environmental risks: a survey of international developments......Page 399
Legal system......Page 400
Existing OH&S management......Page 405
Key issues......Page 407
Conclusion......Page 410
Introduction......Page 412
Consequences of climate change......Page 413
Implications......Page 416
Conclusion......Page 417
Appendix: Contributors’ contact list......Page 418
Index......Page 425
Index of advertisers......Page 431
