Challenges in Enterprise Risk Management Practices

Hyderabad, 28th August 2021: IMT Hyderabad organized a virtual session for the batch of PGDM Executive program students on "Challenges in Enterprise Risk Management Practices" on 28th August 2021. The event was presided by the Guest of Honour, Mr. Ramkumar Narayanan, Global Practice Head – Data Privacy – Cybersecurity & Risk Services, Wipro Limited. The event began with a brief introduction of the speaker to the batch, including the various roles he undertook in his extensive corporate career.

The speaker began by elaborating on the cascading impacts of the ongoing COVID 19 pandemic and its effect on the financial & operational resilience of organizations. He explained that COVID 19 on a larger scale has accelerated digitization and increased the momentum of going globally remote. He exemplified that the pandemic has caused a loss of $3.7T in labor income resulting in a 4.4?crease in world output, forcing about 9.4% of the world population into extreme poverty. He accentuated that the challenges presented by the pandemic call for tighter information security, enhanced firewall protection, and supply chain rationalization. He also highlighted certain pertinent global risks such as geopolitical shifts, including trade tensions, climate change, sustainability, and the need for greener technologies for technology enablement. He mentioned the importance of the implementation of disruptive technologies such as artificial intelligence and the internet of things and spotlighted their ability in possessing the potential to make or break organizations.

The speaker laid specific emphasis on integrating risk management into the existing decision-making and existing processes. He mentioned that the current business processes are inconsistent, being overly complex. Managing risks has often been visualized as a support function wherein business units are constantly required to provide information to the risk managers instead of the other way around. He elucidated that enterprise risk management is about managing risks and about managing strategic and operational decisions keeping the risks in mind. He exemplified that integrating risk management includes documenting the risk appetite, identifying significant risks, running risk simulations, documenting the entire decision-making process, and remunerating based on the risk-adjusted measures.

The speaker also explained the role of cognitive bias in the decision-making process by mentioning that decision-makers tend to ignore the risks once it's known that they have a significant impact on a particular decision. He elaborated that decision-makers significantly underestimate or overestimate probabilities and even tend to miss certain significant risks. He highlighted certain cognitive biases such as personal deformation, overconfidence, confirmation bias, and normalcy bias as critical factors for missing identifying overall risks. He emphasized that risk managers cannot afford to ignore the effect cognitive biases have on the decision-making and quality of risk analysis. He also suggested using different risk assessment methodologies, providing training & awareness, information validation, integrating risk analysis into the business processes & using quantitative risk analysis to reduce the subjectivity as crucial elements in overcoming the cognitive bias in decision making. He also enlightened the pragmatic challenges in enterprise risk management, such as targeting digital businesses with emerging new entry points, evolving threats, data breaches, etc.

His session was followed by a quick question-and-answer session to quell the student's curiosity. The session concluded with the speaker summarizing the limitations of unsuitable models of risk management techniques.