Enterprise risk management for HR professionals

25 Mar 2024

Sherry Ann Joseph

Team around desk discussing enterprise risk management

Enterprise Risk Management (ERM) is essential to everyday business activity and organisational practices, as organisations struggle to keep abreast of the changes within the current business landscape that spans sustainability, governance, compliance, and business continuity.

Concerns about risk management are not new and organisations are expected to constantly pursue ways to manage and minimise the effect of risk. The objective of managing risk in an organisation is to decrease the probability and impact of negative events and increase the probability of positive events by identifying, prioritising and treating risks in a proactive way.

ERM takes a holistic approach to managing risks and starts at the strategic organisational level with the strategic plan and key objectives. Organisations must take into consideration the risk and opportunities from the external environment that can impact the operations of the internal environment and the risk within the internal organisation that would impact actions and activities to be undertaken for the achievement of the strategic and business goals of the organisation.

The ERM process

The COSO defines ERM as a “process, effected by an entity’s board of directors’ management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its appetite, to predict reasonable assurance regarding the achievement of entity objectives”.
While ERM aims at increasing the sustainability of an organisation and achieving competitive advantage, little is said on the importance of the human resource management (HRM) function in the facilitation of an organisational risk culture that starts with the inclusion of ERM in the organisational human resource management planning.

The human resource management function has moved from transactional to a strategic approach that allows for new responsibilities and functions to be developed and aligned with the organisation’s strategy. HR managers are faced with the need to manage complex situations to achieve growth, stability and survival, as organisations are exposed to intense transformation and complexities from the external and internal environment. HR managers are, therefore, required to have the foresight to anticipate the future and be prepared to respond rather than react, attracting, retaining, and making loyal, unique, and relevant talent, aligning people with the organisation’s strategic goals and direction that is supported by a culture of risk awareness throughout the organisation.

Four people at a desk discussing enterprise risk management

The success of the organisation lies in employees’ hands

Of all the sources of risk in an organisation, the risk associated with the people of the organisation has the greatest impact on the organisation. The success of the organisation lies in the hands of the employees responsible for building strategy and objectives and managing and implementing actions and activities. In other words, the organisation’s employees bring together the intricacies of operational delivery to achieve success.

Human resource risk is the probability of unfavourable events occurring, coming from people as a result of poor planning and decision-making. The management of human resource risk involves the entire human resources management system of an organisation, and includes defining, assessing and controlling all internal and external employee risk factors, changes of which can negatively influence the organisation’s activities.

Integrating Enterprise Risk Management in the HRM function

Human resource management has accelerated in scope and complexity amid globalisation, technological advancements, socioeconomic perplexity and shifting of workplace dynamics such as social cohesion erosion; diversity equity and inclusion; and mental health deterioration, making ERM a defining component of the function.

Organisations are called upon to practice sustainable HRM or green HRM practices echoing the importance of the organisation’s people and their contribution to organisational success. The risk and opportunities that come with the complexity of the business landscape, if managed effectively through the HR function, can create sustainable value for the organisation.
It is, therefore, critical for HR professionals who develop the systems and practices for the organisation’s human resource management, the managers responsible for managing the people and the employees, to operate within the boundaries of a risk awareness culture.

By integrating ERM with HRM, HR-related risks can be mitigated not only within the internal pillars of HR (acquisition, maintenance, development and retention) but externally in aligning HR risk mitigation that emanates from environmental and social factors outside of the organisation.

More Reading