Published in 2010 this book is intended to be a comprehensive introduction to ERM and a reference source for practitioners.
The book is separated into six parts and twenty-eight chapters. It has been written by thirty contributors and several panellists with Fraser and Simkins being both contributors and managing editors. The tone, content and jargon of the book are heavily influenced by the location and profession of the contributors; seventeen USA based, eleven Canadian based and two European based. There is a roughly equal split between academics and practitioners.
The book is intentionally mathematics free. This is probably because the book is intended to be read by general practitioners who need to be aware of the potential mathematical approaches to quantifying risks but not the actual underlying mathematics.
“Part I Overview” contains an interesting time line of the development of ERM. It discusses the concept of strategic risk management at length. This discussion includes a concept referred to as the return driven strategy framework. Personally, I was not persuaded by the discussion and suggested framework. There are simpler ways to frame business risks. Finally, there is a useful discussion on how the Board and senior management should integrate ERM into the business.
“Part II ERM Management, Culture and Control” contains a very useful introduction to ERM. The description of the CRO, the discussion of a risk-aware culture and the development of the ERM framework are all excellent. The discussion on identifying and communicating key risk indicators is the best introduction to KRIs that I have read.
“Part III ERM Tools and Techniques” is in part more of a practitioner's guide than an introductory guide. It includes a full description of how to run an ERM workshop and how to create a corporate risk profile: two important and practical issues which come early in the development of ERM for any given entity.
“Part IV Types of Risk” focuses on credit risk, market risk, operational risk and legal and reputational risk.
The risks are defined and tools and techniques for measuring and managing the risks are discussed. It was refreshing that the book included a section on the pros and cons of trying to manage market risk. The chapter entitled Credit Risk Management contains all of the important concepts and approaches to credit risk management. It also includes a brief analysis of the credit crisis and the lessons that should be learned from it. The chapter entitled Risk Management is my favourite chapter in the book. It explains the mess that the overuse of models can cause and the need for effective management. It goes on to outline what effective management could look like including a reference to Berkshire Hathaway's risk management framework.
“Part V Survey Evidence and Academic Research” contains a wealth of references to important and popular articles and books. This is an intended strength of the book. At the end of every chapter there are several dozen references in addition to those contained in Part V. This section also contains an outline of fifteen research studies citing the objectives and the conclusions. Time has passed since the research studies were completed but the conclusions remain both interesting and mixed. Some found no evidence that ERM added financial value to the firm. One study found that CEOs saw ERM as business limiting and would try to hamper its growth.
After the research studies the authors discuss the integration of ERM with other management initiatives such as strategic planning, compliance, internal audit, corporate governance and disaster recovery planning. I think that this is a key part of a successful and imbedded ERM and that the authors’ discussion is too superficial.
“Part VI Special Topics and Case Studies” contains a mixture of things that did not easily fit into the rest of the book. There is an introduction to how rating agencies assess a firm's ERM. I very much enjoyed the chapter entitled Establishing ERM Systems in Emerging Countries. It contains a wealth of information covering many different countries. I only wish that the authors had decided to make the next chapter about Establishing ERM in small and medium sized enterprises. This would have rounded off this section admirably. Obviously ERM wants to be seen as adding to shareholder value and fully integrated to the whole of the enterprise. To do this it needs to be proportionate and bespoke. It would have been interesting to have the authors’ insights on what are the most important components of ERM to focus on for small and medium sized enterprises.
In summary, there is much to like about this book. It can be read as a book and kept as a reference source. It contains very helpful chapters on workshops, risk profiling and credit risk management. It contains very interesting chapters analysing the credit crisis and the future for ERM. It contains a vast list of articles and books for further study.
Obviously no one book can be expected to cover ERM in the same way that no one book can be expected to cover business studies. This North American book is well written, introduces all of the key areas of ERM (but not the mathematics) and is not yet dated.
