Earlier this year I wrote that directors have become much more educated in recent years about enterprise (not just financial) risk management and about their fiduciary responsibility to oversee ERM effectiveness. (See this Doug’s Note.) Directors are asking management to answer specific, substantive questions about how the company’s ERM functions and how they can (or must) become more involved. As a result, short, vague, infrequent ERM reports from management to the board are becoming a thing of the past. Management now must be more intentional in how it bridges the gap between the company’s detailed, operations-oriented risk management plan and the board’s strategic oversight perspective.

Some companies are addressing this challenge by adding a risk oversight committee to the board’s existing committee line-up. More companies are expected to follow that lead in the near future.

To continue reading, please click here.