Publisher: CreateSpace Independent Publishing Platform
Product Dimensions: 0.3 x 5.9 x 8.9 inches
This book describes a real world approach for business owners, executives and Boards to use in determining how business risk can affect top priority business strategies and how to develop action plans for addressing those risks through Enterprise Risk Management (ERM). It clearly explains the steps necessary to achieve an effective ERM process through a unique methodology for identifying and prioritizing risks across business functions. It provides an initial set of specific risks many functions may currently face. It also includes tools, sample reports and a case study that ties everything together providing the reader with a practical guide for implementing ERM. It is a concise tool for chief risk officers (CROs), functional executives, business owners or anyone in a leadership position who plays a role in managing risk. The emphasis is on linking ERM to the corporate strategy which is well illustrated in the case study. In addition, there is a detailed discussion of the value of ERM to the enterprise and its various stakeholders. Using this book, you can expect to be able to implement ERM with the confidence that you are managing the organizations most critical risks, enabling the enterprise to meet its strategic goals and objectives. It is a book that was intended for CROs to share with their risk committees and colleagues so all are working from a common understanding. As one reviewer stated” Straight to the Point should be shared with all functional department managers and process owners as they collaborate in identifying and mitigating risks that could preclude the success of corporate strategies. The authors’ use of a case study to illustrate their approach is an excellent practical guide for management teams implementing a results focused enterprise risk management versus just “checking the box.” Part I – ERM Guide Points: Guide Points to consider when developing an effective ERM process plan, including selling the concept, how to tie ERM to strategy, and democratizing management of enterprise risks. Part II – ERM Process Points: A unique methodology for: – Identifying risks from practical business perspectives – Leveling the playing field for prioritizing risks consistently across the enterprise – Developing business process based mitigation – Effective monitoring and reporting Part III – ERM Function by Function: Describes five major business functions that are common to most organizations emphasizing that ERM is far more than just financial risk. Part IV – Case Study: A real world based case study that follows the methods described in this book and ties it all together.
About the Authors
Al Decker is a recognized authority on Enterprise Risk Management, information security and privacy, and internal controls with more than 30 years experience in private industry and public accounting. He has served as an outside director of a private company and the CEO of a consulting firm. As a leader in his field, he has provided consultative services and training in ERM, information security and internal controls for companies worldwide.
He is currently the Managing Principal at Al Decker Associates – Enterprise Risk Management Advisors.
Prior to forming Al Decker Associates, Al was the Executive Director of Enterprise Risk Management at Electronic Data Systems (EDS), the Worldwide Executive for Security and Privacy services for IBM, and the founder and CEO of Fiderus, an independent security, privacy and risk consulting firm.
At Coopers & Lybrand L.L.P. (now PricewaterhouseCoopers), he was the founder and National Partner-in-charge of the IT Security Services practice, and the National Director of IT Audit Services.
He was also an independent director for Quadrem International Holding LLC, where he served on the board’s Audit and Security committee, inspiring and directing the company’s ERM and security programs.
Author, speaker and pundit, Mr. Decker has been quoted in leading business and trade publications, including Business Week, Information Week and The New York Times as well as appearing on CNN for his expertise in these fields. He lectures frequently on ERM, network security, computer fraud, business continuity, and other risk-related subjects for groups such as the NACD, AICPA, FEI, ISACA, the Computer Security Institute, the Institute of Internal Auditors and various industry associations.
Mr. Decker holds a B.S. in mathematics from William Paterson University of New Jersey and an MBA in accounting and finance from Rutgers University.