Risk means uncertainty about the occurrence or not of a loss, and the way to control risks is through a strong governance and its effective management. Corporate risk management can be defined as a continuous activity conducted by all the departments in a company towards the evaluation of the probability and impacts of all potential risks to which it is exposed, prioritizing them based on risk analysis techniques, aiming that they are eliminated or mitigated to acceptable levels in accordance with the risk appetite and retention policies demonstrated by the company. Opportunities may be generated from an effective risk management, bringing competitive advantages. The effectiveness to identify, mitigate and manage risks is already being evaluated by rating agencies and by financial institutions. In such situation, an effective control management may have a tangible impact on a company’s evaluation.
Governance and risk management complete each other. Implementing effective internal control systems and to communicate a solid risk management to the shareholders, to the stakeholders and to the market in general are more and more being considered as an excellent market practice. There are financial institutions and rating agencies evaluating governance and risk management and, when well rated, will generate tangible positive impacts on a company’s evaluation. Below are some of the services related to ERM:
- Identification of how the company is prepared to respond to risks and if the existing policies, procedures and resources are adequate and correctly allocated;
- Implementation of policies and procedures on ERM – Enterprise Risk Management
- Implementation of risk matrices;
- Customized and structured workshops to identify, classify and prioritize risks.