Shaping a Risk Intelligent strategy
Confronting assumptions to find risk and opportunity
Discover why Boards and Directors often suffer from an incomplete understanding of strategic risk, and what they can do to avoid being blindsided by the unexpected.
This paper is written for boards of directors and senior executives – the people responsible, in their capacity as strategic leaders, for identifying and responding to the killer risks and game-changing opportunities that face an enterprise. These are the risks and opportunities often referred to as “strategic,” since managing the former and taking advantage of the latter is an essential part of an effective business strategy. In this paper, we discuss why boards and directors often suffer from an incomplete understanding of strategic risk – and what they can do to avoid being blindsided by the unexpected.
We believe that an expanded understanding of strategic risk is essential for leaders to carry out their responsibilities for risk governance, depicted at the apex of the triangle in the Risk Intelligent Enterprise™ framework. Effective risk governance requires leaders to understand that risk is integral to the pursuit of value, and to guide the enterprise in managing risk exposures so that it incurs just enough of the right kinds of risk – no more, no less – to effectively pursue its strategic goals. We hope that this publication brings you new insights on how to identify the “right” kinds of risks for your enterprise, and helps you shape a strategy that helps you make the most of the risks you choose to take.
To maintain alignment between risk exposures and business strategy, a Risk Intelligent Enterprise draws on the coordinated efforts of three levels of risk management responsibility, graphically represented as a three-layered triangle in Deloitte’s Risk Intelligent Enterprise™ framework:
- Risk governance, including strategic decision-making and risk oversight, led by the board of directors
- Risk infrastructure and management, including designing, implementing, and maintaining an effective risk management program, led by executive management
Risk ownership, including identifying, measuring, monitoring, and reporting on specific risks, led by the business units and functions
“It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so.”
– Mark Twain