The Chicken or the Egg:
A study of Risk Management and
Strategic Planning
Presented by Raven Henderson
Raven Lane, LLC
Raven Henderson, CPA, CIA, CFSA
www.ravenhenderson.com
[email protected]
571-283-1878
Learning Objectives
 Understand the relationship between Risk
Management and Strategic Planning
 Learn tools to apply internal and external risks
in a strategic analysis to help build better
strategic plans
 Examine Enterprise Risk Frameworks,
Strength, Weakness, Opportunity, and
Treats (SWOT) techniques, and Risk
Management concepts
What is Risk?
Identify Risk Events
What could go wrong?
Who could we fail?
Where are we vulnerable?
What resources do we need to protect?
What must go right for us to succeed?
How could our operations be disrupted?
How do we know if we are achieving our
objectives?
Identify Risk Events
What information must we rely on?
What decisions require the most judgment?
What activities are the most complex?
What activities are regulated?
What is our greatest legal exposure?
How could someone convert assets?
How successful will be at managing
change?
How will we retain critical resources?
What is Risk Management?
The Tools:
ERM
SWOT
Risk Management Concepts
COSO ERM
Enterprise risk management is a process,
effected by an entity’s board of directors,
management and other personnel, applied in
strategy setting and across the enterprise,
designed to identify potential events that may
affect the entity, and manage risk to be
within its risk appetite, to provide reasonable
assurance regarding the achievement of
entity objectives.
COSO ERM
SWOT Analysis
SWOT Matrix
Strengths
(Internal Analysis)
Weaknesses
(Internal Analysis)
Opportunities
Threats
(External Analysis)
(External Analysis)
SO Strategies
ST Strategies
Capitalize on internal
strengths to maximize
opportunities.
Draw on internal strengths to
reduce external threats.
WO Strategies
WT Strategies
Overcome internal
weaknesses to maximize
opportunities.
Reduce internal weaknesses to
guard against external threats.
Risk Management Checkpoints
 Management Policy
–
–
–
–
–
–
Soundness, rationality, and integrity of policy
Clarity and permeability of policy
Understanding of risk management
Basic strategy for risk management
Diversification of risks
Countermeasures for identified risks
 Internal Control
– Organization, delegation of authority, and reporting
– Separation of responsibilities
– Staff recruiting and training
Risk Management Checkpoints
 Profit and Loss Management
–
–
–
–
Monitoring
Distribution of resources
Pricing
Competition
 Compliance and Disclosure
– Management understanding of legal compliance and
action to achieve it
– Establishment and implementation of a framework
– Actively disclose financial information and restraints
 Contingency Plan
Words of Caution:
Don’t do these by yourself
Don’t use these for the next 10 years
Don’t expect these to provide all the
answers
Questions?
[email protected]
571-283-1878