Summit Preview: Enterprise Risk Management and the Risk-Intelligent Organization

To learn more about the Executive Summit agenda, visit

In recent years MAPI member companies have embraced the Enterprise Risk Management (ERM) concept. In most general terms, ERM entails those methods and processes of coordinated risk management used by an organization that place great emphasis on cooperation across departments and business units to enable the enterprise to manage its full range of risks as a whole. This holistic approach helps an organization identify, analyze, manage, and monitor risk comprehensively. ERM provides a framework for effectively managing uncertainty, addressing risk, and seizing opportunities as they present themselves. As a systematic, integrated approach to managing all risks facing an organization—including risks arising from such diverse causes as economic cycles, technology advances, political and regulatory developments, demographic changes, social or cultural trends, and ecological concerns—ERM is intended to enable an enterprise to better appreciate its resiliency to the key risks it might encounter and to manage those exposures to the degree desired by its senior management. Increasingly, ERM involves Board oversight and supervision of these methods and processes of coordinated risk management.

This important subject will be addressed at the MAPI Executive Summit (May 15-17, 2013, the Peninsula Hotel, Chicago, IL) by Steve Stich, Chief Risk Officer, Oshkosh Corporation. Mr. Stich is the principal architect of one of the most sophisticated, yet practical, ERM programs seen in the MAPI membership. He will explain how the ERM goal at Oshkosh is to change the paradigm of the organization to make risk management a “way of doing business.” The company’s ERM program has evolved for over a decade and, as such, continues to be a journey rather than a destination. Mr. Stich will describe how this journey started with the full support of the company’s executive leadership team and the approval of its Board. It is designed to identify and communicate information about the major threats to, and the opportunities presented for, the organization. He will stress the need for an ERM “champion” within the company to establish a risk appetite, a standard, and a process and who will coax and coach use of the program.

At Oshkosh, everyone within the organization recognizes their responsibility to identify key risks and opportunities and the need to communicate such information through established channels so that the proper resources can be deployed to address the root causes of challenges. By changing the risk paradigm and making risk management a way of doing business, an organization can become “risk intelligent.”