RISK MANAGEMENT
Are Boards Doing Enough To Oversight Risk Management ?
By Reuben Kisigwa
Preamble
It is not feasible to overlook the importance of Boards or Governing Bodies , which are an essential part of Corporate Governance . They are crucial to an organization ’ s success and ultimately accountable for its advancement or collapse . Good Corporate Governance must make the shift from pure risk avoidance to well-informed risk thinking .
I will refer to Boards to represent Boards of Directors and other Governing Bodies throughout this Article . The three key aspects of the Boards are Governance , Strategic Progression , and Accountability .
Governance
Board governance is the framework that regulates the composition , operation , and decision-making processes of the Board . It also offers guidelines for how to collaborate with Management to the best of its ability . It provides the procedures , guidelines , and systems to enable Boards comprehend the precise duties assigned to each member and Committee .
Strategic Progression
How the organization develops is decided by , or at least informed by , the Board . The latter can assist the Organization in addressing opportunities and potential threats by bringing significant strategic knowledge across a variety of industries . The Board should regularly conduct strategic planning , which should encompass both short and long-term objectives .
Accountability
Legally speaking , the Board must oversee and hold the organization accountable . They must guarantee that all laws and moral principles are upheld and that the organization is properly allocating its resources and managing its assets .
The crucial task of risk Management oversight is one that Boards are expected to perform as part of their fiduciary responsibilities . Although the Board ’ s agenda has on many occasions included Risk Management oversight , recent global disruptions and corporate failures have underscored how crucial it is . Risk Management oversight has become crucial for Boards of public companies , private companies , and nonprofit organizations in the wake of the Covid-19 pandemic , a growing focus on Environmental , Social , and Governance ( ESG ) issues , supply chain disruptions , a rapid pace of change in the global business environment , and evolving cyberattacks .
“
The Boards that accept the necessity of developing and improving procedures to provide a clearly defined , well-understood , and efficient oversight function are more likely to succeed in the fast-changing business and risk landscape .
Boards are quickly learning that effective risk Management oversight is more than periodic reviews of Management ’ s risk registers or heat maps and securing Management ’ s confirmations of compliance . It is about Boards developing , implementing and constantly reviewing independent structures that directly confirm and assure them that Management is assessing the nature and scope of risks applicable to their organization , designing and applying appropriate controls to minimize the risks and monitoring the controls to ensure that they are working effectively - all this within Board preapproved Risk Management infrastructure .
The Boards that accept the necessity of developing and improving procedures to provide a clearly defined , well-understood , and efficient oversight function are more likely to succeed in the fast-changing business and risk landscape .
What Is The Board ’ s Role In Risk Management ?
The assessment of risks as well as the use of resources to reduce , control , and mitigate their effects on an organization are all parts of Risk Management .
The Board ’ s role in Risk Management is crucial because that ’ s where the decision-making process begins and ends . The Board must consider carefully and frequently the major risks that could result in different consequences than anticipated , whether those consequences are positive or bad .
If we consider “ upside risk ,” there may be a danger that boards become risk-averse and miss out on great opportunities by declining to try a novel process , product or service . Risks must be identified , followed up on , and managed at all levels .
36 MAL50 / 22 ISSUE