DOCSLIB.ORG

Extended Enterprise: Managing Risk in Complex 21St Century Organisations Resources for Practitioners Our Supporters

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Extended Enterprise: Managing Risk in Complex 21St Century Organisations Resources for Practitioners Our Supporters Institute of Risk Management Extended Enterprise: Managing risk in complex 21st century organisations Resources for practitioners Our supporters ©2014 The Institute of Risk Management. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise without the express permission of the copyright owner. Permission will generally be granted for use of the material from this document on condition that the source is clearly credited as being the Institute of Risk Management. IRM does not necessarily endorse the views expressed or the products described by individual authors within this document. extended enterprise resources for practitioners Contents Our Project Team ............................................................................................................................................................................ 2 Foreword ....................................................................................................................................................................................... 3 Chapter 1: Extended enterprise - an overview ......................................................................................................................... 4 Chapter 2: Modelling the extended enterprise ..................................................................................................................... 14 Chapter 3: Leadership, management and governance in the extended enterprise ......................................................... 26 Chapter 4: Assurance for the extended enterprise ............................................................................................................... 36 Chapter 5: Questions for the Board......................................................................................................................................... 38 Chapter 6: Building trust across an extended enterprise ..................................................................................................... 43 Chapter 7: Risk, innovation and the extended enterprise .................................................................................................... 53 Chapter 8: Partnerships, collaboration and shared services in the public and third sectors ........................................... 67 Chapter 9: Risk capability in the extended enterprise .......................................................................................................... 80 Chapter 10: Risk communication in the 21st Century extended enterprise ....................................................................... 85 Chapter 11: Standards and assurance ..................................................................................................................................... 95 Chapter 12: Supplier assurance - advancing from assessment to risk management ......................................................103 Chapter 13: IT and cloud computing .....................................................................................................................................108 Chapter 14: A practical approach to managing supply chain for the sector-level extended enterprise ......................115 Chapter 15: Relationship risk management: perception or pragmatism ..........................................................................122 Case study 1: Joint risk management for mutual benefit ....................................................................................................126 Case study 2: Heathrow Terminal 5 - a new paradigm for major programme risk management ...................................127 Case study 3: Total Place - whole systems leadership .........................................................................................................133 1 extended enterprise resources for practitioners Our project team IRM would like to thank our own extended enterprise which has come together to draft and review this guidance. Those that took on the task of writing individual chapters and case study authors are also named against their sections. Neil Allan SIRM, Systemic Consult Ltd & University of Bristol, UK Richard Anderson FIRM, Anderson Risk, UK, IRM Chairman Mike Bartlett FIRM, Network Rail, UK Jeremy Bendall, Bendall Advisory, NZ Darren Brooks, BAE Applied Intelligence, UK Andy Bulgin FIRM, AB Risk Consulting, UK Philip Coley CIRM, Zurich Risk Engineering, UK Colette Dark MIRM, Gallagher Bassett, UK Christos Ellinas, Systemic Consult Ltd & University of Bristol, UK Depeche Elliot SIRM, Maclear SA Dean Fathers, Cass Business School & Nottinghamshire Healthcare, UK Steve Fowler FIRM, IRM, UK Roger Garrini, IRM Affiliate, Selex ES, UK Sarah Gordon CIRM, Satarla, UK and South Africa Louise Gravina, IRM Affiliate, Sainsbury’s, UK Jeremy Harrison FIRM, IRM, UK David E Hawkins, Institute for Collaborative Working, UK Richard Hibbert, SureCloud, UK Alex Hindson FIRM, Amlin AG, Switzerland John Joyce SIRM, Allianz Insurance, UK Patrick Kiryowa, IRM Student, Eskom Uganda Mike Morley Fletcher, IRM Affiliate, ARC & Associates, UK Peter Neville-Lewis MIRM, Principled Consulting, UK Jeremy Philpott MIRM, Lloyd’s Banking Group, UK Dan Roberts SIRM, First Central Insurance Management, UK Keith Smith FIRM, RiskCovered, UK, IRM Director ManMohan Sodhi, Cass Business School, UK Jake Storey, IRM Affiliate, Gearbulk, UK Amelia Stubbs, IRM Affiliate, Korn Ferry Whitehead Mann, UK IRM Director Colin Tester SIRM, AXA, UK John Thirlwell, Institute of Operational Risk, UK Steve Treece FIRM, Health & Social Care Information Centre, UK Elliot Varnell, IRM Affiliate, Pension Insurance Corporation, UK David Welbourn, Eutropia Ltd and Cass Business School (Visitor), UK Nick Wildgoose, Zurich, UK Carolyn Williams MIRM, IRM, UK Thanks also to many others who have helped with resources, comments, references and support and who responded to our consultation documents. 2 extended enterprise resources for practitioners Foreword Each year the Institute of Risk Management (the IRM) to extend beyond the areas within the organisation’s undertakes a major study expanding the limits of immediate control. Our study looks at how these understanding and consensus about risk management. issues interact and explores some tools and Previously we have produced critically welcomed techniques that can help us understand and address guidance on Risk Appetite and Tolerance, on Risk the extended enterprise challenge. Culture and on Cyber Risk. This document - ‘Resources for Practitioners’ comprises This time we are examining how we manage risk in a series of chapters written by different members of today’s complex organisations, their value chains and our project group. Some chapters provide academic networks of relationships - what many call the ‘extended analysis; others focus on highly practical applications enterprise’. We’re looking at how all organisations are and experience. affected by the way that others in their value chain and network manage risk and the complexities that can arise The group has also produced a shorter document from these relationships. which distils the contents of this detailed resource pack into an executive summary with a particular I am grateful to the IRM members and other experts (all focus on the questions that boards, assisted by their named in this document) who came together to produce risk professionals, should be asking about risk in their this work over the past 18 months. I would also like to own extended enterprises. This executive summary is thank the wider group of IRM members, practitioners and available for free download from IRM’s website and academics who have commented on the work, attended those of its partner organisations for this project. our workshops and otherwise supported the group. As with all our thought leadership work, we have tackled Extended enterprise is about far more than ‘supply a new subject where practice is still being developed. chain risk management’ (although that is an important We have suggestions to make, based on practitioner component): we are looking beyond supply into and academic input, but we don’t believe this will be the the complex network of relationships that underpin last word on the subject - we expect to see new ideas public and private economic activity in modern emerging and welcome comments. economies. In fact our work grew to focus on the nature of complex 21st century organisations in a Thanks are also due to our very patient sponsors, world of ‘VUCA’ (volatility, uncertainty, complexity SureCloud. As well as contributing their expertise and ambiguity) and how risk can be managed in that to the content, their support has made possible the context. Outsourced services, IT security, supplier design and print of these documents. As a not for profit assessments, joint ventures and partnerships, organisation, IRM is reliant on enlightened industry alliances and informal arrangements, together with support like this to help us maximise our investment in the speed of change can all present challenges. And the development and delivery of world-class education management of risk in the value chain can only ever and professional development activities. be as effective as the management of the weakest link Richard Anderson, Chairman in it. Likewise, concern about values and ethics needs SureCloud is proud to support this thought-provoking study which
Load more

Recommended publications
  • Audit Firm Culture: Challenge. Trust. Transformation. Summary | August 2021 1
    Audit Firm Culture: PracticeChallenge. Note Trust. 14 Transformation. August 2021 Conference summary August 2021 Contents Page Conference overview 2 Building an audit firm culture that supports high quality audit 3-5 The role of the audit committee 6-8 The importance of a culture of challenge 9-11 Embedding and measuring organisational culture 12-14 Audit firm culture, audit quality and the role of the regulator 15-16 Appendix – Panellists’ biographies 17-23 FRC | Audit Firm Culture: Challenge. Trust. Transformation. Summary | August 2021 1 Conference overview Overview Audit firm culture is a critical component of an audit firm’s ability to deliver high quality audits in the public interest. One key attribute of a good, healthy audit culture is auditors being able to challenge effectively and exercise professional scepticism when performing audits. The need for a culture of scepticism and challenge in the audit profession was also highlighted by Sir Donald Brydon in his Review of the Quality and Effectiveness of Audit. In the week of 21 June 2021, the FRC hosted a series of virtual sessions to engage with a wide range of stakeholders in exploring the overall theme of creating a culture of challenge within audit firms to restore trust in the profession as part of the wider transformation journey. More than 1,500 participants attended the conference – a mix of audit professionals, audit committee chairs, directors, academics, culture experts, international regulators and other stakeholders. The conference focused on the following themes in five individual sessions: • Building an audit firm culture that supports high quality audit • The role of the audit committee • The importance of a culture of challenge • Embedding and measuring organisational culture • Audit firm culture, audit quality and the role of the regulator This document summarises some of the themes that were discussed at the conference.
    [Show full text]
  • The Behavioural Challenge Pwc Point of View
    www.pwc.co.uk › Embedding a culture of doing the right thing Trust: the October 2010 behavioural challenge Trust: the behavioural challenge PwC Point of view October 2010 › › Trust: the behavioural challenge Embedding a culture of doing the right thing The past two years have seen radical change in the relationship between business and society. Events ranging from the credit crunch to oil spills to ‘payment for failure’ have put businesses’ behaviour under the microscope. The widespread perception of a growing disconnection between corporate behaviour and ethical conduct has triggered a sense that global public trust in business has declined. ‘This is the second in our series of community, whose members crave between creating compliance-led papers on trust. In PwC’s first paper, a genuine sense of shared purpose processes on the one hand, and improving Our aim in this paper Trust: the overlooked asset, we explore the and belonging. Coming to work for the behaviour by embedding the right culture is to stimulate importance of trust and the complexities monthly pay cheque is no longer enough. on the other. In PwC’s view, this balance and dilemmas facing businesses as they needs to shift from compliance to culture. thinking around strive to earn and sustain it. In this second The ethicability® research also shows what more is needed paper, we focus particularly on how trust that different people in different contexts, Amid the current debate over the need has become increasingly susceptible to life stages and occupations have different for a new settlement between business to enable trust in an organisation’s culture and behaviours motivations, and different perceptions and society, we believe these issues are business to flourish.
    [Show full text]
  • Have You Seen Our Latest Reports, Read About CIMA's Accomplishments In
    October 2012 Have you seen our latest reports, read about CIMA’s accomplishments in corporate responsibility, or heard about paragraph 47 from the Rio+20? Read all about it in Ethical Lens, CIMA’s newsletter about ethics and sustainability. DIRECTOR’S MESSAGE Ethics are important to me because… “…The management of an organisation’s funds is core to its credibility in the eyes of stakeholders. Confidence in those who maintain the financial controls, standards and records is critical to that credibility and to the ability of those people to operate effectively. As the Chief Financial & Operating Officer of CIMA I must operate to the highest ethical standards.” John Windle, Chief Financial & Operating Officer NEWS Managing Responsible Business Earlier this year we saw the release of the CGMA Managing Responsible Business report. In the light of this report the Accountant, together with CIMA and AICPA, hosted a panel discussion with experts in the field of ethics and accounting. Watch the webcast of the discussion on the CGMA website. Shortly after the report’s launch in Malaysia and Singapore, CIMA SE Asia signed up to a corporate integrity pledge, drafted by the Malaysia Institute of Integrity’s (MII). So far more than 50 companies – including AirAsia, Tesco Malaysia, Google Malaysia and Shell Malaysia - have signed up to the pledge, promising to uphold a business environment that is fair, transparent and free from corruption. 1 October 2012 REPORTS Acting under pressure This report highlights the different areas where management accountants might experience pressure in the workplace, set against the wider ethical environment. The report is based on the global CGMA ethics survey responses of 1760 CIMA members and students from more than 80 markets around the world.
    [Show full text]
  • Thinking Outside the Inbox Roger Steare
    Thinking outside the inbox | 1 Roger Steare 42 Thinking outside the inbox “Roger is a lighthouse, in thick fog, in the middle of a zombie apocalypse” Richard Watson, author, Digital Vs Human Thinking outside the inbox | 2 “It’s said a good creative, in art or literature or music, can step outside the everyday and look at it with new eyes. A sideways view. Roger has this uncanny ability: to look at what we do every day, in work, in play and in interactions with each other and ask ‘if this is what we do only because we have always done it - is there a better way?’ He offers an alternative. A way that can turn confrontation into community, coercion into camaraderie and business into pleasure for all, top to bottom. Too good to be true? I’d certainly recommend you take the time to read and find out.” Nick Knowles, TV presenter and RTS award-winning writer “What Roger does so well is to stimulate your thinking in ways you never imagined. If you’re tired of the status quo, bored with the platitudes, washed out by the mundane, then open your eyes, ears and heart to the world of Roger. In Roger’s writing you will find inspiration, agitation and provocation, blended with intelligence, perception and kindness. He is unique.” Tracey Groves, CEO, Intelligent Ethics Thinking outside the inbox | 3 Contents Testimonials Why have I written this book? 24 The power of listening in silence 23 Hey Google, why is my boss a control freak? 22 How board behaviour affects corporate culture 21 What are the 10 most in-demand skills for 2019? 20 What are the 7 moral principles shared by almost all societies throughout human history? 19 How workplace meetings not only make us more anxious, they also make us more stupid.
    [Show full text]
  • Virtuous Banking Placing Ethos and Purpose at the Heart of Finance
    New Economies, Innovative Markets New Economies, Innovative Markets New Economies, Innovative Markets July 2014 o Virtuous Banking Placing ethos and purpose at the heart of finance David T. Llewellyn, Roger Steare, Jessica Trevellick Edited by Adam Wildman About the Authors Professor David T. Llewellyn is a Professor of Money and Banking at Loughborough University, and is also currently Chairman of the Board of the Banking Stakeholder Group at the European Banking Authority (EBA). He has published widely in the area of financial regulation, acted as a consultant to regulatory agencies in several countries and was a Public Interest Director of the Personal Investment Authority. Professor Roger Steare is Corporate Philosopher in Residence and Professor of Organizational Ethics at the Cass Business School, City University. Roger is a leading thinker and practitioner in the development and delivery of moral leadership, governance, culture and ethics programmes for organizations such as BP, Citigroup and PwC. Roger is also the author of ethicability: How to decide what’s right and find the courage to do it. Jessica Trevellick is a Senior Researcher at ResPublica. Jessica began her career at Santander where she held positions in retail banking and asset management. She then moved to the Financial Services Authority and has worked in regulation ever since. She is interested in issues around encouraging financial planning for the future and the role of the new ‘twin peaks’ regulatory regime in protecting financial stability and consumer rights. Adam Wildman is a Research Manager at ResPublica. He co-ordinates ResPublica’s research output through the three core workstreams, and is currently focused on ways in which to create moral markets, engender ethical corporate cultures and reform the banking sector.
    [Show full text]
  • Risk Culture Resources for Practitioners the Institute of Risk Management (IRM) Is the World’S Leading Enterprise-Wide Risk Management Education Institute
    The Institute of Risk Management Risk culture Resources for Practitioners The Institute of Risk Management (IRM) is the world’s leading enterprise-wide risk management education Institute. We are independent, well-respected advocates of the risk profession, owned by our members who are practising risk professionals. IRM passionately believes in the importance of risk management and that investment in education and continuing professional development leads to more effective risk management. We provide qualifications, short courses and events at a range of levels from introductory to expert. IRM supports its members and the wider risk community by providing the skills and tools needed to put theory into practice in order to deal with the demands of a constantly changing, sophisticated and challenging business environment. We operate internationally with members and students in over 100 countries, drawn from all risk-related disciplines and a wide range of industries in the private, third and public sectors. A not-for profit organisation, IRM reinvests any surplus from its activities in the development of international qualifications, short courses and events. Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance, technology, operations, governance, risk and internal audit. Through our network of more than 70 offices in over 20 countries, we have served more than 35 percent of FORTUNE 1000 and Global 500 companies. In the UK we have worked with over 30% of the FTSE 100. We also work with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half International Inc.
    [Show full text]
  • Salz Review. Barclays Will Consider and Decide for Itself Whether, and If So How, to Act on the Views, Findings and Recommendations Contained in This Report
    0 Salz Review An Independent Review of Barclays’ Business Practices April 2013 Salz Review An Independent Review of Barclays’ Business Practices April 2013 Salz Review An Independent Review of Barclays’ Business Practices Disclaimer This Report has been prepared by Anthony Salz with Russell Collins acting as Deputy Reviewer (the Salz Review). The Review was set up by Barclays as an independent review reporting to a non-executive committee of Barclays. The views, findings and recommendations included in this Report are entirely those of the Salz Review. Barclays will consider and decide for itself whether, and if so how, to act on the views, findings and recommendations contained in this Report. The Review's Terms of Reference and the approach to the Review are described in Appendix A. The views, findings and recommendations are based on the Salz Review's assessment of the documents provided by Barclays or others in response to requests and information gained from interviews. The Salz Review has not conducted a forensic investigation or an audit of the information made available to it. In some cases restrictions were placed on the Salz Review's access to documents or documents were redacted by Barclays, in each case for legal reasons. The Salz Review has generally assumed the veracity of information provided. Other individuals considering the same information could form a different assessment of it. Similarly, the Salz Review might have formed a different assessment had it considered other information. Accordingly, the findings of the Salz Review should not be treated as determinative of any fact, nor of the performance of, or compliance with, any legal or regulatory obligation.
    [Show full text]
  • Download Roger's Profile Here
    Roger Steare The Corporate Philosopher Roger Steare has been a Senior Advisor on He has conducted extensive empirical research People & Culture, Leadership & Learning, on both personal and professional integrity, Organisational Development, Ethics, Diversity with his MoralDNA® Profile cited in papers & Inclusion for over 20 years. Over this period published by the Chartered Management he has developed a robust, engaging professional Institute, the Chartered Insurance Institute, EY, practice based on a deep understanding of the FCA and PWC. what motivates and inspires us to do great work. Drawing on peer-reviewed research in He writes for the Financial Times and his work anthropology, moral philosophy, psychology, has been profiled in The Times, The Wall Street sociology and systems theory, he has developed Journal, Les Echos and The Guardian. His book an approach that can transform people, teams ethicability has been licensed as an e-book to over and organisations within just a few weeks. 600,000 employees across the firms he advises. His clients have included Abbvie, Bank of Roger is an accredited post-graduate faculty America, Barclays, BP, Clifford Chance, the member at Duke Corporate Education and the College of Policing, Credit Suisse, EY, Goldman FT’s Headspring Executive Development. Sachs, HSBC, KPMG, Lloyds Banking Group, Nationwide, NHS Trusts, Novartis, Openreach, “Roger has helped me consider business decisions PWC, RBS, the Royal College of Defence from a fresh perspective. His approach might be Studies, Santander and Shell. rooted in philosophy, but in reality, it is about pragmatic, profitable yet principled management He has advised regulators, other government of a business, for long-term success.” agencies and professional bodies including the Joe Garner, CEO CIPD, the DWP, the FCA, the FRC, the ICAEW, Nationwide Building Society and IOSCO.
    [Show full text]
  • Discussion Paper 18/2: Transforming Culture in Financial Services
    Transforming Culture in Financial Services Discussion Paper DP18/2 March 2018 DP18/2 Financial Conduct Authority Transforming Culture in Financial Services Disclaimer Contents The views in this paper should not Foreword 3 be interpreted as reflecting the Summary of Essays 6 views of the Financial Conduct Authority – they are solely the Overview 9 responsibility of the authors. 1 Is there a ‘right’ culture? 21 All errors and omissions are the authors’ own. 2 The role of regulation 37 You can download this Discussion 3 The role of reward, capabilities, and environment in Paper from our website: driving behaviours 60 www.fca.org.uk. All our publications 4 Leading culture change 79 are available to download from www.fca.org.uk. References 106 If you would like to receive this paper in an alternative format, please call 020 7066 9644 or email: [email protected] or write to: Editorial and Digital team Financial Conduct Authority 25 The North Colonnade Canary Wharf London E14 5HS How to navigate this document onscreen returns you to the contents list takes you to helpful References 2 Financial Conduct Authority DP18/2 Transforming Culture in Financial Services Foreword Culture in financial services is widely accepted as a key root cause of the major conduct failings that have occurred within the industry in recent history, causing harm to both consumers and markets. For markets to work and firms to be successful, it is critical that they are seen as trustworthy. Social expectations have changed, and public interest has raised questions of trust in firms, and in the industry as a whole.
    [Show full text]
  • Chair Mary Jo White Public Calendar January 1, 2015 to July 31, 2015
    Chair Mary Jo White Public Calendar January 1, 2015 to July 31, 2015 Thursday, January 1, 2015 New Year’s Day – Federal Holiday Friday, January 2, 2015 Out of office Saturday, January 3, 2015 6:30 pm Speaking Engagement at the Association of American Law Schools Monday, January 5, 2015 10:30 am Meeting with staff 12:00 pm Phone call with Mark Carney, Governor, Bank of England 1:00 pm Meeting with staff 2:00 pm Meeting with staff 3:30 pm Meeting with staff Tuesday, January 6, 2015 12:00 pm Meeting with staff 1:30 pm Meeting with staff 3:00 pm Meeting with staff 4:00 pm Meeting with Commissioner 5:00 pm Meeting with Commissioner Wednesday, January 7, 2015 9:00 am Meeting with staff 10:30 am Meeting with staff 11:30 am Meeting with staff 2:00 pm Meeting with staff 3:00 pm Meeting with staff 4:15 pm Meeting with staff Thursday, January 8, 2015 10:30 am Meeting with Thomas Perez, Secretary, Department of Labor 12:15 pm Meeting with candidate for a Financial Accounting Foundation position 12:30 pm Meeting with Suneel Bakhshi, Chief Executive Officer, LCH Clearnet; Michael Davie, Chief Operating Officer, LCH Clearnet; Susan Milligan, US Head of Public Affairs, LCH Clearnet; and Peter Rich, Partner, Rich Feuer Anderson 1:15 pm Meeting with staff 2:00 pm Closed Commission Meeting 3:00 pm Meeting with staff 4:00 pm Meeting with BlackRock: Barbara Novick, Vice Chairman; and Kathryn Fulton, Managing Director Friday, January 9, 2015 10:30 am Meeting with Commissioner 11:30 am Meeting with staff 12:15 pm Meeting with staff 1:00 pm Phone call with Daniel
    [Show full text]
  • ROGER STEARE Corporate Philosopher in Residence at the Cass Business School in London
    ROGER STEARE Corporate Philosopher in Residence at the Cass Business School in London Professor Roger Steare is internationally recognized as one of the leading experts advising the Boards and executive teams on building high performing, ethical organizations. His work with BP after the Gulf of Mexico disaster has been crucial to the company’s recovery plan, with Roger’s decision-making framework and leadership training endorsed within the US Department of Justice Consent Agreement of 2016. He has advised Barclays, HSBC, Lloyds Bank and RBS after the credit crisis, PPI mis-selling and Libor manipulation scandals, with his work publicly endorsed by the Financial Conduct Authority. His most recent assignments have included Senior Advisor, People & Culture at Nationwide Building Society; and he is currently working with a Big 4 audit and consulting firm on their global trust ambition. Topics Roger has worked with clients to achieve these results by basing his guidance on Academics the evidence of best practice across all sectors from around the world. He has Activists conducted extensive empirical research on both personal and professional Artificial Intelligence integrity, with his MoralDNA® Profile cited in papers published by the Chartered Culture Management Institute, the Chartered Insurance Institute, EY, the FCA and PWC. Education Roger is now working with an IBM-Watson award-winning AI software house in ESG developing an ethical AI system for talent management and corporate integrity Ethics ratings. Ethics in AI Leadership His work has also been profiled in The Times, the Financial Times, The Wall Street Philosophers Journal, Les Echos and The Guardian. His bookethicability has sold over 25,000 print copies and has been licensed as an e-book to over 600,000 employees across Society the firms he advises.
    [Show full text]