To say that risk is an inherent component of all aspects of our lives is an understatement. With black swan events such as the pandemic and acronyms such as volatility, uncertainty, complexity and ambiguity (VUCA) and Rapid, Uncertain, Paradoxical and Tangled (RUPT) becoming part of the global business lexicon, the need for basic risk intelligence among the general populace has never been more critical. However, for business organisations, having a general understanding of traditional risk management is no longer enough; from cyber threats and supply chain disruptions to climate change and fraud risks, organisations today are susceptible to risks across a range of areas.
And to deal with this multitude of risks, companies are implementing Enterprise Risk Management (ERM) - an integrated and joined-up approach to manage risk across all departments and extended networks. With ERM, there is also a rising need for risk-intelligent professionals, especially those armed with ERM knowledge and global certification/accreditation. Before we delve into understanding the ERM career path, we have to understand its importance.
ABCs of ERM
While traditional risk management typically focused on financial risks that are specific to insurance, treasury, or investments, ERM takes a holistic view of risks that affect the entire organisation. ERM involves identifying and assessing all the risks that an organisation faces, both internal and external, and developing strategies to manage those risks. This includes risks related to financial performance, operations, compliance, reputation, procurement, sales, marketing, branding, ESG and other areas. ERM also involves creating a culture of risk awareness and continuous improvement throughout an organisation.
Most importantly, traditional risk management tends to be reactive, while ERM is proactive. Keeping in mind the geopolitical events of the past year and the looming threat of a 2023 recession, ERM will be further thrust into the spotlight, helping organisations to define their risk appetite and implement a risk culture that fuels risk-based decision-making.
Road to being a qualified ERM professional: Skills required and how to acquire them
The role of an ERM-certified professional requires a unique set of skills such as analytical thinking, problem-solving, decision-making, and the ability to understand and evaluate related events that may have cascading impacts. And while a background in fields such as business and commerce, can provide a base for these skills, it is not a prerequisite to pursuing a career in ERM. In fact, the opportunity to build a career in ERM is open to anyone who has completed grade 12. The fundamental Level ERM exam is relevant for aspiring risk leaders, entrepreneurs, family business owners, risk champions, risk consultants, process owners, functional experts, or business heads. Students from any background can pursue the ERM exams considering the wide coverage of risks (i.e. finance, technology, legal, accounting, operations, management studies, and more) and the rising importance of risk intelligence as an important skill.
One of the best ways to kickstart a career in ERM is by pursuing the multi-level certification track that is globally recognised with the latest and best ERM practices across sectors. This includes international frameworks like ISO 31000, COSO 2004 and 2017, techniques for risk identification, scenario planning, horizon scanning, evaluation of emerging risks, risk appetite and tolerance, risk treatment, risk reporting and communication, business continuity planning, internal audit and assurance and corporate governance.
The career prospects that are open upon completion of such qualifications can allow individuals to become risk-intelligent business leaders in any industry, as ERM is applicable to a wide variety of areas including Supply Chain, Cybersecurity, Marketing, and Human Resources. Some potential job titles for ERM professionals include Risk Analyst, Risk Manager, Risk Head/ Risk Director and Chief Risk Officer. There is also the opportunity to set up one’s own risk tech start-up or risk consulting business in the future. ERM professionals may work in-house within an organisation, or they may be employed by consulting firms or other service providers. Many ERM professionals are also setting up their own consultancies and offering their expertise on a contract basis.
With increasing complexity and uncertainty in the business environment, organisations are recognizing the importance of proactively identifying and managing risks. This will only drive up demand for skilled ERM professionals who can help organisations make informed decisions and take proactive steps to manage risks effectively. A career in enterprise risk management is, thus, challenging but rewarding as it offers many opportunities for growth and advancement. Now is a great time to consider this as a career path.
About the author
Hersh Shah is the CEO of the Institute of Risk Management, India Affiliate, and India Chairman of IRM Regional Group. Hersh has been delivering sessions on Enterprise Risk Management since the age of 21 and he has educated over 7000+ students from varied backgrounds.