Sr' Enterprise Risk Manager

1
ERM and Operational Risk Predicting the Future
Without Data
Beaumont W. Vance
Sr. Enterprise Risk Manager Sun Microsystems,
Inc.
Editor Risk Management Reports www.riskreports.co
m
2
CAUTION These plants are covered in sharp spikes
that may puncture the skin if touched DO NOT
HANDLE
Seen in the entrance to the Health and Safety
Laboratory, Buxton The Health and Safety
Laboratory (HSL) is Britain's leading industrial
health and safety facility with over 30 years of
research experience across all sectors. Operating
as an agency of the Health and Safety Executive
(HSE), we support their mission to protect
people's health and safety by ensuring risks in
the changing workplace are properly controlled.
courtesy of John Adams, author of Risk
3
Risk Management Goal

• To reduce the uncertainty (volatility)
  surrounding future outcomes

4
ERM Finance Led the Way

• Portfolio view became holistic view
• Aggregation of small risks
• Risk adjusted calculations
• Volatility used to measure possible deviation
  from expected outcomes
• Hiring of specialists PhDs and CROs

5
Operational ERM Breakdown

• Portfolio view difficult
• Calculations difficult
• No historical data
• Bottom line little or no quantifiable data

6
ERM Frameworks

• Relied on existence of fictional and flawed
  concepts of risk tolerance
• Assumption 1 all things are quantified
• Assumption 2 Historical data is the only way to
  quantify
• Assumption 3 No numbers failure of model
• Assumption 4 We have all the answers

7
Models Built Around Risk ID

• Damage to reputation
• Failure to meet financial targets
• Loss of key personnel
• Economy crashes
• Entry of new competition in the market
• Typical Question What on earth am I supposed to
  do with these???

8
Report Majority Of Americans Unprepared For
Apocalypse SEPTEMBER 13, 2006 ISSUE 4237
from The Onion
"Our survey of households in seven U. S. regions
demonstrated that few citizens have bothered to
equip themselves with fireproof suits and
extinguishers to deal with volcanic upheaval,
solar flares, or the Lord's purifying flame,"
Malthusian Institute director James Olheiser
said. "Almost no one is prepared for a sudden
shift in the Earth's polarity or the eating of
the Sun and moon by evil wolves Skol and Hati
during Ragnarok."
9
ERM Rocket Science?

• The Columbia mission lifted off on January 16,
  2003, for a 17-day science mission featuring
  numerous microgravity experiments. Upon
  reentering the atmosphere on February 1, 2003,
  the Columbia orbiter suffered a catastrophic
  failure due to a breach that occurred during
  launch when falling foam from the External Tank
  struck the Reinforced Carbon panels on the
  underside of the left wing. The orbiter and its
  seven crewmembers dies approximately 15 minutes
  before Columbia was scheduled to touch down at
  Kennedy Space Center.

10
Complex Systems

• Sun Microsystems 13 billion in revenue, 37,000
  employees, 120 countries
• A company is just a complex system
• Risk arises from uncertainty and is a challenge
  mostly because of complexity
• It is easy to figure out what will go wrong with
  a stapler

11
Revenue target missed
Supply Chain Disruption
Failure to monetize RD
Sales execution
How can you break determine what drives risk and
uncertainty in a complex strategic risk?
11
a key risk driver
12
Revenue target missed
Supply Chain Disruption
Failure to monetize RD
CDP execution
Sole source supplier down
Loss of trade license
Inability to obtain components
Production too slow for demand
By talking to the risk owners, the risk drivers
can begin to be filled in.
12
a key risk driver
13
Revenue target missed
Loss of service revenue
Supply Chain Disruption
Failure to monetize RD
CDP execution
Sole source supplier down
?
Loss of trade license
Inability to obtain components
Production too slow for demand
?
Geo. Contcentrated Suppliers
No Bus. Cont. Plan
Mfg. Bankruptcy
Decrease in inventory
High defect rate
Mfg selection mistake
Natural hazard
Process breakdown
Political unrest
Misalignment of BU's
Error in product planning or design
Breakdown in Goal process
13
a key risk driver
14
Next Steps

• Once the drivers are identified, you can create
  tools, measure KRIs, create mitigation plans,
  etc.
• Much of the value in Operational ERM comes from
  finding actionable, assignable risk drivers

15
Wisdom of the Crowds

• In 1906, Francis Galton discovered the principal
  in a contest to guess the weight of a dressed Ox
• Avg. guess 1197
• Actual weight 1198
• Iowa Electronic Market accurate to 1.37 on
  Presidential elections
• Challenger stock market predicted culpability

16
Capital Expense
Quantifying Uncertainty
Defects
17
Expected Values
Capital Expense
Quantifying Uncertainty
18
Decision Tools
19
Beware Biases!

• Kahneman and Tversky Nobel in 2003
• 200 identified biases
• Ex. Anchoring Bias
• Ex. Expert Bias
• Biases can be used to nullify bias, or they can
  wreck your data

20
Operational ERM

• Solutions to many challenges already exist
• There must be more exploration into other
  professions (e.g. engineering, project
  management, behavioral psychology)
• Risk Management principles are universal,
  solutions arent always

21
(No Transcript)
22
Thank you for your time and attention

• Email Beaumont.Vance_at_sun.com
• Newsletter www.riskreports.com
• Blog http//www.prmia.org/Weblogs/General/Beaumon
  t_Vance/
• Column www.riskandinsurance.com