Enterprise Risk Management (ERM)

linked to Business Performance

Linking ERM to Business Performance

Business Performance objectives fall into four broad categories as follows:

  • Revenue/value definition objectives, reflecting purpose and stakeholder needs,
  • Revenue/value creation objectives, reflecting resource allocation, partner, ecosystem needs,
  • Revenue/value delivery objectives, reflecting operational needs,
  • Revenue/value sustainability objectives, reflecting long term viability needs.

Each category has its revenue/value creation and preservation dimension.

An easy way to approach the topic of revenue/value creation and preservation is to think in terms of a defined business objective and to ask:

  • what can help me achieve/exceed my objective
  • what can stop me or slow me down towards achieving/exceeding my objective

Those things which are well understood are best assessed in SoluxR ERM.

Those things about which there is limited information and which are therefore not well understood (but which are nevertheless on the horizon as possible causes for concern) are best assessed in SoluxR Emerging Risks.

The purpose of SoluxR ERM is to provide guidance indicators of likely business performance on the road ahead. For example, where can the business safely speed up to exceed achievement of objectives, or where should it perhaps slow down, and double-check in case it hits a bump on the road ahead. In the case of ERM, consistently reliable good quality information is, assuming competent systems, always available.

An Uncertain World Summarised:

  1.   WHO concerns that COVID-19 is just the start of a recurring cycle of extremely dangerous annual global pandemics,
  2.   Run-away weather events fuelling concerns about the environment and planetary health,
  3.   Multi-polar geopolitical tensions exasperated by misinformation/fake news through social media,
  4.   Technology advances impacting traditional business and operating models and associated AI displacement of jobs,
  5.   Persistent cybersecurity attacks targeting company secrets and personal data,

The combined effect of these and other global threats and emerging risk sources is:

1.  Reducing the amount of time available to understand, let alone first identify risks, before they occur,
2.  Increasing the interconnected and interdependent nature of systems and processes, particularly across supply chains and partner ecosystems, creating contagion effects where risk               events in one area can connect with others or cause new risks to appear,
3.  Making it harder to quantify risk impacts across financial and reputational ‘integrated capitals’; and others for example environmental, manufacturing and human capitals

The Challenge:

Each threat and risk scenario needs to be understood and monitored. COVID-19 lessons have so far taught us that weaknesses include:

  • Poor risk management capabilities
  • Lack of organisational agility to respond to crisis
  • Poor business continuity and contingency planning
  • Poor resilience within the deeply interconnected and independent ecosystems across the globe resulting in systems failures across supply chain and other critical activities 

Using Agile Risk Management (ARM) practices SoluxR delivers results at scale, in less time, at less cost, more effectively and more reliably than other methods.

Immediate results begin to emerge when practical issues are addressed against internationally proven and accepted guidance assessing organisational risk, for example:

Objective Setting:

  1.   Listing organisational, business unit, or functional objectives against which decision-makers identify issues, challenges and opportunities which need to be factored into decision making    on an ongoing basis,
  2.   Considering the effect of uncertainty on objectives i.e. ISO 31000 definition of risk,
  3.   Evaluating levels of risk the organisation is prepared to accept in the pursuit of objectives i.e. risk appetite,
  4.   Deciding on risk treatments in accordance with attitude to risk,

Integrated with:

5.  SWOT analysis: Organisational Strengths, Weaknesses, Opportunities and Threats,
6.  Impacts across financial, human, reputational, manufacturing, natural and IP capitals

Powerful insights from such automated assessments conducted across large numbers of front-line decision makers have a hugely positive impact on the quality of thinking and decision making.


Dynamic links are distributed across the organisation, and its associated ecosystem of partners and suppliers to:

7.   Initially map and scope the risk landscape. The more links that are shared across the front line decision-makers the more automated assessments are undertaken. And, the more complete the enterprise-wide picture of risks associated with the achievement of business objectives.
8.   Thereafter decision-makers undertake more cadenced assessments which over time produce automated trend analysis leading to deeper insights and enhanced scenario development and stress testing,9.Consistently reliable enterprise-wide cadenced (front-line) assessments conducted over even 2-3 quarter’s results in a pooling of information on trends and insights leading to an organisational ability to anticipate and respond to changing conditions ahead of less adaptive competitors.