|
 |
|||||||
|
|
|
|
|||||||||||||||||
|
|||||||||||||||||||
|
|
|||
|
Reader
Profile
Editor's note: Each month, we ask a Directors & Boards reader to comment on critical issues facing directors today. If you'd like to participate in this section in the future, please email Scott Chase. How do you know you are focused on the right risks? There is a duality of risk management needed to ensure that companies are operating predictably while optimizing performance. This is the focus on both strategic risk and operational risk. With today’s regulatory environment, many companies have become too centered on managing tactical, compliance related risks, without having appropriate focus on strategic risks. A tactical risk approach is generally not well aligned with the organization’s key strategic objectives around performance, predictability and growth. Focusing on the right risks to protect and manage your business requires a strategic, enterprise approach to risk management, which gives you the understanding to best manage those risks that impact your ability to perform, with both a strategic and tactical view. Including risk in the strategy planning process provides a great competitive advantage. By seeing a consolidated view of strategic objectives, performance indicators and their related risks, corporate direction and risk mitigation steps can be determined that support optimized performance with predictable operations. Effective identification of operational risks includes alignment with the corporate strategy to more successfully drive the company to its corporate goals. The Board is instrumental in driving this direction from the top down. How can a company increase the visibility of their risk profile? A holistic understanding of a company’s risk profile is critical in today’s business environment. Unfortunately, many companies tend to take a siloed approach to risk management, for example evaluating and managing risks solely with a departmental view, or looking only at a single type of risk like regulatory, financial, or operational. Viewing risks in this manner severely limits the true picture of risk to your company. A risk incident in one department may be immaterial, but if that same incident is occurring throughout the company, the issue may actually be critical. As well, the impact of an event within one initiative can have a dramatic impact on other initiatives. The lack of this kind of visibility prevents you from understanding how the risks impact the overall business, and each other. By taking an enterprise level approach to risk management, and aligning key risks across business processes and strategic initiatives, companies have much clearer visibility into their true risk profile. From this vantage point, you can make more intelligent decisions on which risks to manage, which to mitigate. And provide deeper insights into new business opportunities that may not have been visible before. What approach can a company take to prioritize and manage risks? Risk management is really about helping you protect the value that you’ve built in your business, as well as identifying and managing new growth opportunities. By assessing the true impact of risks across your business, you can dynamically prioritize the risks based on those with the greatest impact to your strategic objectives, both positively and negatively. An effective risk management process starts with identifying and planning for the risks that affect your business. Next is assessing and prioritizing the key risks, including the impact, probability, and mitigation strategy. Then, risk response and ongoing monitoring of key risks integrated with corresponding controls allow you to dynamically and confidently manage your performance within your changing business environment. Daily management of operational risks requires risk management to be integrated via systems as well as operational processes to monitor and mitigate risk events as they occur, and even proactively. This cultural and technological shift, combined with an effective risk management methodology, provides the most effective way to build and maintain an effective risk management process across your organization.
|
|
||
| Narina
Sippy is senior vice president and general manager of SAP’s Governance,
Risk and Compliance (GRC) business unit. Sippy oversees all aspects of
the GRC group’s development and growth, with direct responsibility for
product strategy, product development, solution management, field
enablement, sales and customer relations. Prior to her current role, Sippy was senior vice president of marketing and sales for SAP’s Business User Development group. Sippy oversaw all go-to-market strategies and activities – including business development, field enablement, marketing and sales – for key business user solutions in the areas of Governance, Risk and Compliance (GRC), Corporate Performance Management (CPM), and enterprise search, user interface, mobile applications, and Duet (SAP's joint offering with Microsoft), among others. Sippy also drove SAP’s multi-year effort to holistically address the increasingly strategic role of the CFO in driving business performance. Prior to her GRC and Business User Development roles, Sippy was vice president of solutions marketing at SAP and was responsible for a number of cross-projects within SAP’s Product and Technology Group (PTG). In particular, she drove pricing and packaging across SAP’s entire product portfolio, as well as interim pricing and packaging for all new products SAP acquired as a result of M&A activity. Sippy brings 15 years of experience in enterprise applications positioning, marketing and strategy development. Her tenure with SAP dates back to 1991 when she ran public relations for SAP America, Inc. and was instrumental in building the company’s profile in the United States. She later worked as part of the R/3 client-server software suite launch team. In the late 1990s, Sippy was vice president of marketing communications for SAP America, leading worldwide public relations, analyst relations, advertising, and customer, partner and employee communications programs. During this time, she also served as a senior member of SAP America’s management team. In addition to her work at SAP, Sippy spent four years at Siebel Systems, Inc, where she held a number of product marketing roles. She was vice president of industry solutions, where she oversaw the development, packaging and sales of industry-specific CRM applications. She later served as vice president of product planning and operations across all Siebel product lines, where she managed product positioning and pricing, global go-to-market and product launch programs, competitive intelligence, analyst relations, and general business planning. In addition to Siebel, Sippy has also worked as an independent consultant where she provided strategic marketing and business consulting services to a wide range of start-ups and well-established enterprise software companies. Sippy holds a Bachelor of Arts in Mass Communications and a Minor in Art History from Boston University. Copyright © 2008 Directors & Boards, P.O. Box 41966 Philadelphia, PA 19101-1966. All rights reserved. Contact the webmaster. < Privacy Notice > |
||||
