Legally requested risk management activities by far do not fulfill the requirements on a consistent and value-creating risk management. Instead, the effort is often held down to the minimum level that ensures receiving the “tick in the box” by accountants.
Risk management requires the identification and evaluation of chances and risks; they describe a potential deviation from the expected value (not from the planned value). The evaluation of chances and risks is often influenced by the personal interest of the respondents being asked for their evaluations. In this paper, four options will be discussed to address this topic.
It is essential for a sustainable enterprise risk management to cover “all risk-relevant issues and considerations.” This includes the financial risk management as well as operationally oriented issues of threat management and contingency plans within crisis management. An integrated approach will be presented in the second part of this paper. It will be shown that risk management is more than combining several processes and methods; it is much more a company-wide approach that enables an open dealing with chances and risks, requiring a change in culture, governance and decision rules across the whole organization.
