Skip Ribbon Commands
Skip to main content


Firms Must Navigate Roadblocks Impeding Strategic Risk Management 4/30/2010

Marsh-RIMS Survey finds strategic risk initiatives slowed by silos Divergent views on ERM and risk management priorities

NEW YORK, April 27, 2010 – Companies with strategic risk management can reap benefits in such areas as development of business strategy, regulatory compliance, and improved communication about risk across the organization. However, they often must first hurdle internal barriers.  That is one of the conclusions of a new survey, Elevating the Practice of Strategic Risk Management, released today Marsh and the Risk and Insurance Management Society, Inc. (RIMS) during the “Excellence in Risk Management VII” session at RIMS’ 2010 Annual Conference. 
“This is a time of opportunity for risk practitioners and their C-level colleagues,” says Brian C. Elowe, a managing director in the Global Risk Management Division of Marsh. “For risk and financial executives, now is the time to move their organizations along a path toward more strategic risk management.”

Although fallout from the global financial crisis and the implementation of more stringent financial regulatory requirements have given businesses the impetus to adopt enterprise-wide risk management approaches, many still face roadblocks in elevating their risk practices.

More than half of the risk management, finance and C-level executives participating in the survey cited enhancing strategic risk management as their primary focus area in 2010.  Yet, an almost equal number conceded their firms do not have an enterprise risk management (ERM) program. 

To achieve a 360-degree view of risk, many firms must hurdle such challenges as organizational silos; divergent views within their own companies about the definition of ERM and key risk issues; as well as the lack of personnel and financial resources. The survey was compiled from online responses received during the first quarter of 2010 from 418 risk managers, C-suite, finance and other executives involved in risk-related functions.

“The use of deeper analytics and other strategic tools and methods allows risk managers and financial executives to provide compelling information for the C-suite discussion about uncertainty, risk, and volatility — and to achieve greater visibility in their organizations,” said Mr. Elowe.

He added that given the imperative for more transparency around risk issues, CEOs, CFOs and others in the C-suite have an opportunity to tap into the risk management resources across their organizations to elevate the discussion and practice of risk management and broaden their outlook.

“Enterprise risk management, or strategic risk management, is no longer just a ‘nice to have,’” says Deborah Luthi, vice president of RIMS board of directors. “Regulators, customers, investors, and other key stakeholders are pressuring organizations to identify and explain how they manage the risks they face.”

Indeed, the number of organizations with a formal ERM program rose to 28 percent in 2010, from 9 percent the prior year.  However, those without an ERM program also increased to 53 percent in 2010 from 35 percent in 2009, and those in the process of building and implementing an ERM program fell significantly to 19 percent from 56 percent.

“This finding may reflect a better overall understanding of what an ERM program entails,” says Ms. Luthi.  “The increased focus by the Securities and Exchange Commission and credit rating agencies on ERM may have prompted some executives who in the past said they were building an ERM program to step back, look at the risk management initiative they have in place, and decide it really does not quite add up to ERM.”

The survey found potential communication and perception gaps between risk managers and others in an organization. As an example, 83 percent of risk managers said their organizations have a plan in place for business interruption, but only 68 percent of C-suite and 55 percent of finance executives reach the same conclusion.  Perceptions were similarly divergent on the issue of technology failure.

“Risk managers may need to revisit how they inform leadership about the plans and other measures they have in place to address their key risk issues,” says Mr. Elowe. “It could signal a need for greater discussion of risk in general across the organization.”

Lack of dedicated risk management personnel represents the biggest obstacle to improving an organization’s risk management, followed by higher priorities given to other areas, and the need to demonstrate return on risk management investment.  Among measures to expand their risk management capabilities in 2010, 56 percent of those surveyed plan to enhance their strategic or enterprise risk initiatives, up from 45 percent in 2009.  Training and education, the top priority in 2009, dropped to second this year, followed by updating technology, and improving governance structure.

The shift in priorities may reflect a heightened focus on compliance with new Securities and Exchange Commission (SEC) Rule No. 33-9089, which calls for increased disclosure of risk governance practices.  The survey found that large public companies appear to be far more prepared for the SEC rule than their smaller counterparts:  84 percent of those with annual revenue of $1 billion or more indicated they have prepared for the SEC rule, compared with 60 percent of those with annual revenue of $50 million - $1 billion, and 67 percent of those with annual revenue below $50 million.

“Showing a return on investment for an ERM program has been an issue for some firms. However, with the new SEC rule, risk executives have one more item to show in their list of areas that will benefit from having ERM in place,” says Mr. Elowe.

RIMS members can download a copy of the report, Excellence in Risk Management VII: Elevating the Practice of Strategic Risk Management, at  Others may access the report by registering at

About Marsh
Marsh has over 23,000 employees and provides advice and transactional capabilities to clients in over 100 countries. Marsh is a unit of Marsh & McLennan Companies (MMC), a global professional services firm with approximately 52,000 employees and annual revenue exceeding $10 billion. MMC also is the parent company of Guy Carpenter, the risk and reinsurance specialist; Kroll, the risk consulting firm; Mercer, the provider of HR and related financial advice and services; and Oliver Wyman, the management consultancy. MMC’s stock (ticker symbol: MMC) is listed on the New York, Chicago and London stock exchanges. MMC’s Web Site is Marsh’s Web site is


# # #

About RIMS

As the preeminent organization dedicated to educating, engaging and advocating for the global risk community, RIMS, the risk management society™, is a not-for-profit organization representing more than 3,500 corporate, industrial, service, nonprofit, charitable and government entities throughout the world. RIMS has a membership of approximately 11,000 risk practitioners who are located in more than 60 countries. For more information about the Society’s world-leading risk management content, networking, professional development and certification opportunities, visit

​ ​

For more information, contact:

Josh Salter, RIMS communications manager, (212) 655-6059 or



Access the most comprehensive directory of solution providers for risk professionals.


myCOI's suite of products provides you with the right solution to simplify the tracking process and minimize your risks of an uninsured claim and costly litigation...

RWH Myers

RWH Myers is committed to helping policyholders through business interruption and property damage claims, efficiently and accurately...


Navigant represents policyholders in the analysis of losses and preparation of complex insurance claims...