❚ ❚ Project management and client relationships ❚ ❚ Professional responsibility and ethics issues ❚ ❚ Regulatory and/or legislative compliance ❚ ❚ Operational/business risks: ❚ ❚ Firm governance and management approach ❚ ❚ Office space and lease agreements ❚ ❚ Business interruption/natural disasters ❚ ❚ Staffing levels ❚ ❚ Subconsultant selection, management and oversight ❚ ❚ Information technology risks: ❚ ❚ Intellectual property exposures, including loss or theft of
ROB HUGHES, from page 3
After defining their firm’s risk appetite, or level of risk it is willing to take to achieve its growth and sustainability objective, the ERM team can proceed to identify and quantify its risks. One way to do this involves holding a firm-wide exercise or workshop to get input from everyone involved, and then to organize and analyze all the information captured. Keep in mind, this approach may be more time-intensive for firms with multiple offices in varied locations. Depending on your firm’s size, the ERM team might gather the necessary information through one-on-one interviews with key leaders of the firm or by having all employees participate in an online firm-wide survey. Although such surveys can be completed quickly, the quality of responses may not be optimal and the lack of face time forgoes the opportunity to create an ERM culture. Once critical risks are identified, they can be examined individually, assigned relative monetary values and probability of occurrence. Each risk can be weighted and mapped graphically for comparison. One approach uses a statistical scattergram with a horizontal axis ranging from low to high probability of occurrence and a vertical axis showing the potential financial impact of a loss event. In setting priorities, higher impact events with higher probabilities are the most critical to assess carefully and mitigate or manage. For analyzing individual risks, some firms use key risk indicators, which help track the potential presence, level, or trend of a risk. For instance, a spike in “days outstanding” for accounts receivable may signal issues with billing, collections, or individual client relationships. To identify key risk indicators, you can check the firm’s applications for management liability and professional liability insurance. They typically have questions about significant potential risks and can help the firm see if it has the best practice, procedure, or system in place. Examining risk in a wider context may also identify off- setting risks. If certain events might result in a decrease in billings in one area of a firm’s business, it may be offset by increased activity in another. For instance, COVID-19 may have led some owners to postpone some projects, but may have triggered increases in others, such as those in healthcare. To facilitate effective risk analysis, some firms categorize risks into groups, such as: ❚ ❚ Strategic risks:
client blueprints and schematics ❚ ❚ Data security and ethical walls ❚ ❚ Third-party suppliers and outsourcing ❚ ❚ Human resources risks: ❚ ❚ Retaining key design professionals and staff ❚ ❚ Compensation practices ❚ ❚ Benefits plans and adequacy/cost ❚ ❚ Training and development ❚ ❚ Financial risks: ❚ ❚ Cash flow and capital requirements ❚ ❚ Financial controls ❚ ❚ Uninsured and under-insured losses ❚ ❚ Pension obligations ❚ ❚ Client insolvency ❚ ❚ Fraud/embezzlement of firm and client assets ❚ ❚ Accounts receivable/fee disputes
A key element of ERM involves establishing risk measurements to monitor results. For example, in assessing the firm’s financial risks, some measures might include billing trends, receivables over 90 days, credit line utilization, and pay down rate. In addition, some ERM teams conduct formal annual “risk audits” to assess performance against key risk metrics, which helps determine if the firm was able to reduce potential hazards. ERM provides a formal process for firms to examine their critical risks in context, and implement cost-effective risk management and risk-financing solutions that yield measurable results. An experienced risk advisor can help you determine the most effective ways to deploy ERM within your firm. ROB HUGHES, senior vice president and partner, Ames & Gough. He can be reached at email@example.com. AUTHOR’S NOTE: Some ideas and processes mentioned in this article were gleaned from: Fraser, John and Simpkins, Betty J. Enterprise Risk Management: Today’s Leading Research and Best Practices for Tomorrow’s Executives . Hoboken, New Jersey: John Wiley & Sons, Inc., 2010.
❚ ❚ Practice disciplines ❚ ❚ Target client base ❚ ❚ Geographic focus (projects or offices) ❚ ❚ Organic growth vs. M&A ❚ ❚ Reputational issues ❚ ❚ Practice management risks: ❚ ❚ Contract hygiene
© Copyright 2021. Zweig Group. All rights reserved.
THE ZWEIG LETTER MARCH 29, 2021, ISSUE 1385
Made with FlippingBook Annual report