Key to ISO 31000 Success – Theme 2: Build Enterprise Risk Management Using Incremental Steps
One perceived barrier to launching Enterprise Risk Management is the perception that Enterprise Risk Management is overly complex and requires a major and costly effort to implement. Related to this perception is the belief that an organization must implement all of the components of Enterprise Risk Management in one single effort for it to work and bring any tangible value to the organization. Experience suggests otherwise.
In practice, some organizations, especially smaller organizations, have achieved Enterprise Risk Management successes by taking an incremental, step-by-step approach to enhancing their risk management capabilities to provide a more enterprise- wide view over time rather than undertaking one massive launch effort. They start with a simple process and build from there using incremental steps rather than trying to make a quantum leap to fully implement a complete Enterprise Risk Management process.
By doing so, they are able to:
- Identify and implement key practices to achieve immediate, tangible results.
- Provide an opportunity to change and further tailor Enterprise Risk Management processes.