The effective management of risk has become a key boardroom issue. Companies now realize that, while financial integrity and business continuity are still of primary importance, these must be considered alongside practical business risks, such as branding and reputation, business development, employment practices, product liability, health and safety, fraud, intellectual property, customer loyalty and supply chains. Problems in any of these areas can undermine prospects for creating value and delivering earnings to forecast.

To manage business risk it is imperative that a company's board is structured to provide clear controls on risks and to delivery transparent reporting to stakeholders. Passive compliance with rules and regulations is no longer an option.

With a new foreward by Steve Fowler, CEO of the Institute of Risk Management, this practical guide to potential areas of risk within a business contains invaluable advice for directors of both large and small companies, bringin readers up to speed with the latest thinking and techniques for managing risk in a structured and integrated way.

Table of Contents :

Foreword by Steve Fowler, CEO, Institute of Risk Management

Contributors notes

Introduction

Part 1: Risk Management Strategy and Corporate Governance

1.1 Evolution in risk management

Marie-Gemma Dequae, Federation of European Risk Management Associations (FERMA)

Standards ; European directives ; The latest changes and developments in risk management in Europe ; The most recent developments in FERMA ; Your dialogue with the insurance industry

1.2 Strategic risk and good governance

Gillian Lees, Chartered Institute of Management Accountants (CIMA)

Introduction ; Getting the balance right ; The role of the board in practice ; The objectives of the CIMA Strategic ScorecardTM ; The four dimensions of the scorecard ; The scorecard in practice ; The strategic risk dimension in detail ; Current developments ; Conclusion

1.3 Corporate governance

Guy Facey, KSB Law LLP

Background ; Where the law on corporate governance is found ; Company law ; The Combined Code ; Associated guidance ; The Listing Rules, Disclosure Rules and Prospective Rules ; Guidelines from shareholder groups ; Board responsibility ; The UK and United States compared the international dimension ; Current developments where corporate governance law is going

1.4 Strategic risk management for small businesses

John Watt, Middlesex University

Introduction ; Drivers of risk management for small businesses ; Risk management for small businesses ; Conclusion why a small business should develop a strategic risk management strategy

1.5 Risk management: failing to address the current risk agenda

Andrew Fields, KPMG LLP

Time for a deSOX ; Airing the dirty linen in public ; The end is night;

A new start, not a conclusion

Part 2: Good Practice in Implementing Risk Management Strategies

2.1 Enterprise risk management and business performance optimization

James W DeLoach, Jr, Protiviti, USA

Identifying value drivers ; The EVA framework: applications for increasing enterprise value ; ERM and EVA: opportunities for improving business performance ; Conclusion

2.2 A scorecard born and embraced

Eric Bloem, Heineken International

Introduction ; Why collect information in a scorecard form? ; The first scorecard ; Framework to create the environment to get it done ; How did we achieve this? ; Conclusion

2.3 Integrated risk management at an international automobile manufacturer

Frank Stenner and Elmar Steurer, BMW Group

Risk and risk management ; Integration of risk in the company ; Implementation of an integrated CRM ; Aggregation of chances and risks for the allocation of risk capital ; Conclusion

2.4 Contract risk

Robert Chapman, Siemens Insight Consulting

Introduction ; Board accountability ; Identifying the board?s appetite for risk management ; Identifying responsibility ; Risk management applications ; Contracts ; Delivering a service or product ; Case study: Airbus (delivering a product) ; Procuring a service or product ; Case study: Terminal Five (procurement of services) ; Conclusion

2.5 Delivering improvements in risk management through measurement and assessment

Richard Archer and Alan Stanbra, DNV

Management adage:You can't manage what you can't measures ; Management systems ; Measurement ; Assessment ; Assessment programmes ; Summary

2.6 Keeping your reputation safe from risk

Kevin Taylor, Companycare Communications

Heritage can count for (almost) nothing ; Case study: Kodak comes through with flying colours ; Three golden rules of reputation protection

Part 3: Risk Issues in Operational Management

3.1 Institute of Directors risk management survey synopsis

Alena Watchorn, HSBC Insurance Brokers

Executive summary report ; Key findings

3.2 Origins of risk in the supply chain

Helen Adler

Implications of risk ; The state of play ; Tackling supply chain risk ; Conclusion

3.3 Syndication and supplier risk and the use of VSRD

Allan Gerrish, ICM Computer Group

Specific risks of syndication ; What are syndicated services?; Syndication ratios ; Voluntary supplier risk declaration an example ; Client risks ; Exclusion zones ; Exclusion zones and contention; Alternative sites, invocations and testing ; Accountability ; Summary ; Conclusion

3.4 Quality risk

Ian Hodgkinson, LRQA

Supply chain risk ; Managing quality risks ; Understanding the customer need ; Establishing capability ; The importance of management systems

3.5 Critical engineering and risk management: avoiding complacency

Paul Saville-King, Norland Managed Services

Introduction ; The five pillars ; Culture and behaviours ; A new model

3.6 Consolidating operational risk

Odd Andersen, DNV

Measuring project risk and consolidating project and programme risk ; Describing the overall risk of the organization ; This chapter has only scratched the surface

3.7 Managing the sticks and the stones: bouncing back from a crisis

Elisabeth Lewis Jones, Liquid Public Relations Ltd

The aftermath ; An integrated approach ; Company culture ; A survival strategy ; Bouncing back

Part 4: Risks for Financial and Corporate Managers

4.1 Risk without reward

Richard Coello, ACE European Group

How insurance can and should play a part in mitigating the operational risks faced by funds and fund managers

4.2 Top priorities for internal audit in a changing environment

Robert B Hirth, Protiviti, USA and Carmen M Rossiter, Protiviti, Canada

Raise the bar live up to heightened expectations ; Revisit the charter and reporting relationship validate purpose and position ; Rebalance internal audit activities focus on risk and stakeholder expectations ; Communicate sharpen dialogue with senior management and the audit committee ; Act as a change agent facilitate positive change ; Drive efficiency work smarter; Build talent attract, develop and retain the best ; Participate in the profession embrace the IIA Standards ; Strengthen quality processes focus on continuous improvement ; Measure performance add value ; Conclusion

4.3 Regulatory risk senior managers, systems and controls in financial services firms

Penny Sanders, KSB Law LLP

Case study: The risks (1) L Limited (fined ?63,000) ; Case study: The risks (2) Mr N ; ARROW II visits ; The Markets in Financial Instruments Directive (MiFID)

4.4 Conflicting priorities best practice in conflict management

Graham Massie, Centre for Effective Dispute Resolution (CEDR)

Preface ; A universal condition ; The cost of conflict ; Is there any good news? ; Developing a conflict management strategy ; How to get there ; Conclusion

4.5 Warranty claims managing common risks on the sale or purchase of a business Andrew Cromby, KSB Law LLP

Introduction ; Warranty claims ; Standard exclusion provisions ; Practical points to remember ; Case study ; Post-notification matters ; Conclusion

4.6 Taxation risk

Louis Cooper, Chiltern plc

HM Revenue and Customs in the UK ; US regulatory framework ; A framework for taxation risk management ; Tax shouldn?t be taxing

Part 5: Risks in Innovation and Expansion

5.1 Risk management in innovation

Clare Farrukh, James Moultrie, Rob Phaal, Francis Hunt and Rick Mitchell, Centre for Technology Management, Institute for Manufacturing, University of Cambridge

Introduction ; Managing risk within an innovation project ; Managing the risk of innovation investment

5.2 Political risks

Stephen Capon, ACE European Group

Introduction ; Shaping the private market ; A discretionary spend?; Conclusion

5.3 China: counterfeiting and brand protection

Neil Miller, Commercial Security International Limited

Introduction ; Intellectual property risk ; The numbers ; Traditional and internet infringements ; Case study: Factory overruns ; Case study: Parallel trading ; IP protection recommendations ; Recent enforcement legislation ; Conclusions

5.4 Expanding by acquisition managing the unknown and undisclosed risk

David Bredon, HSBC Insurance Brokers

Assessing the risks ; Warranty protection risk allocation and transfer ; Risk transfer ; Competitive advantage

Part 6: Employment and Human Relations Issues

6.1 Management fraud your boss is involved

Sean Holohan and John Cassey, Protiviti

6.2 Disability risk assessment of your premises

Caroline Summerfield, KSB Law LLP

Executive summary ; What the DDA covers ; Dealing with access to your premises ; Checklist of issues

6.3 Occupational pension schemes risk versus reward

Richard Coello, ACE European Group

Introduction ; The migration from defined benefit to defined contribution ; Trust versus contract arrangements ; The trustee professional ; Managing risk in an ongoing scheme ; Trustee protection

6.4 Work-related stress a hazard that organizations should not ignore

Allison Grant, KSB Law LLP and Caroline Raymond, Stress in Perspective

Introduction ; What is meant by the term stress ; The potential benefits from taking action ; The law on stress ; The elements of an effective strategy ; Who should be involved ; Making the strategy work and reaping the benefits

6.5 Age discrimination protect your business

Allison Grant, KSB Law LLP

Yes, it will affect you ; What the new legislation prohibits ; Justification ; Recruitment ; Promotion ; Service-related benefits ; Enhanced redundancy pay ; Retirement

Part 7: Areas of Risk in IT Management and Usage

7.1 Information risk management

Mike Madgin, DNV

Introduction ; Business drivers ; IT risk in a changing business environment ; Risk assessment process ; Summary

7.2 Replicating data for business continuity

Leigh Griffiths, Hewlett-Packard

The power of replication ; Smart storage systems ; The disaster-tolerant solution ; Case study: Elsevier ; Case study: Shoosmiths

7.3 Information security governance and The Wealth of Nations

Paul Williams, Protiviti

Relate this principle to information security ; How this may best be done

7.4 Risk management and wireless security

Tim Pickard, RSA

Introduction: assessing wireless risk ; The context: why wireless? ; The advent of wireless ; Serious problems ; Managing wireless risks ; Prepare for the wireless future

7.5 The evolution of biometrics: why increased security could present the greatest risk of all

Thomas Stamm, XL Group

Defining biometrics ; The biometric recognition process ; How identification technology can improve risk management ; Risks of biometrics ; Use of biometric technology ; Conclusion

Part 8: Aspects of Environmental Risk

8.1 Managing environmental risks: a survey of international developments

Karl Russek, ACE European Group

Regulatory environment ; Legal system

8.2 Managing occupational health and safety

Tony Boyle and Mike Thomas, HASTAM

Introduction ; Existing OH&S management ; Key issues ; Conclusion

8.3 The environmental and related business impacts of climate change

Deborah Evans and Anne-Marie Warris, LRQA and Anne Goodenough, University of Gloucestershire

Introduction ; Consequences of climate change ; Implications ; Conclusion

Appendix: Contributors contact list

Index

Index of advertisers