Organizational Strategic Decision Making

Join us for a two-day seminar April 12-13 where you can learn about this mission-critical program

When it comes to running a public entity, many issues can potentially derail the most dedicated and well-intentioned special district. It may seem impossible to circumvent all of the risks that pose a threat to your organization.

However, the Pool has good news for its members. This year, we are sponsoring a two-day workshop on organizational strategic decision making, also known as Enterprise Risk Management (ERM). Organizational strategic decision making is not a static solution; it’s a continuous process that assesses all of the issues your organization may encounter.

Developed by top risk managers from around the world, ISO 31000 is a worldwide standard of risk management and has been widely implemented in both the public and private sectors: cities, public entities, and international corporations. Enterprise Risk Management provides the tools necessary to fill a glaring void in decision making that traditional methods and processes could not. If you’re unsure whether ERM will benefit your district, we ask you to consider the following:

Have you addressed the following critical issues in your organization:

  • How to achieve organizational objectives
  • Business continuation plan for key personnel
  • AKA: Disaster Recovery
  • Plan for predictable catastrophic incidents
  • Transition from compliance-based safety to building a positive safety culture
  • Every financial audit requires a statement on ERM within your organization

Have you taken into account the following considerations?

  • Proactive management of organizational risk
  • Preparation process for the next generation of leaders
  • ISO 31000 is a well-known international management standard that is not going away

How Can ERM Benefit Us?

In an installment of its Risk Series, the IBM Center for The Business of Government published a compelling case for the implementation of ERM in the federal government precisely because of the culture inherent in public sector organizations, where employees comply with regulations and do only the bare minimum in order to get by. This poses one of the greatest challenges to a public entity that attempts to adopt some form of traditional risk management, turning the process into “a large empty gesture of compliance with a set of documented actions rather than a meaningful process that adds value to decisions.” [1] Risk management at its core is intended to strengthen decision making, and ERM takes it a step further.

Essentially, ERM creates a framework that involves every single person in your organization, no exceptions. Through this framework, a district can set achievable objectives and everyone can work in concert towards those goals. This framework assists your organization with business continuation plans for key personnel and plans for predictable catastrophic incidents, and ensures that “managing risk is naturally incorporated into managing and not as a separate activity” (source: Implementing ERM Using ISO 31000, 2016). ERM is designed to provide guidelines your district can tailor towards its operations, objectives, and projects.

An Example of ERM at Work

A water and sanitation district recently discovered that its SCADA system had been hacked and its data stolen. During the incident investigation, the district discovered that the cyber criminal had acquired access through a phishing email a manager had inadvertently opened. As it had never experienced a cyber-incident before and outsources its IT needs through a third-party vendor, the district was unsure how to prevent similar occurrences from happening in the future, short of warning employees to regularly vet their emails. Their IT vendor could not provide any direction regarding cyber-crime prevention.

The water and sanitation district reached out to an IT security agency located in the area and hosted a safety meeting on cyber prevention. The district’s board members, management, employees, IT vendor, and outside consultants attended in order to come up with standard operating procedures for email correspondence, Internet usage, and backing up data. Cyber prevention became a top priority for the district and as a result, no cyber incidents have occurred since.

How Do You Learn More about ERM?

  1. A free 40-minute mission-critical ERM Principles webinar is available for streaming anytime at csdpool.com/erm
  2. The CSD Pool is working with Colorado risk management organizations to host a 2-day workshop on how to implement ERM.

A 2-day workshop will be presented by PRIMA’s ERM national training faculty, Wendel Bosen and Dorothy Gjerdrum on April 12 and 13 and will be held in Lakewood, Colorado at West Metro Fire Protection District’s training facility.

The cost is $50 for Pool members, $500 for sponsors, and $600 for all others. A continental breakfast and lunch will be provided for attendees on both days. For more details about this event, email csdpool@mcgriff.com.

Source:

1. http://thomas-stanton.com/wp-content/uploads/2012/09/Improving-Government-Decision-Making-through-Enterprise-Risk-Management.pdf
