During SearchCompliance.com’s August virtual trade show, Enterprise Risk Management: Mitigation Strategies for Today's Global Enterprise, industry experts discussed how companies can alleviate the increased risks of business in a global economy. A recurring theme was the importance of engaging every person in the company -- right up to the CEO -- in establishing an effective enterprise risk management strategy.
Requires Free Membership to View
When you become a member, my editorial team will provide you with expert insight for creating and maintaining a manageable compliance infrastructure. From targeted tips to webcasts and discussion forums, we have you covered.
Scot Petersen, Editorial Director, SearchCIO-Midmarket.com
As part of the event, SearchCompliance.com contributor and analyst Adrian Bowles delivered a session examining the C-level executive's role in sustainable risk management and where sustainability fits into an enterprise risk management strategy. Bowles’ session drew a lot of great questions from attendees, many of which couldn’t be answered during the live event due to time constraints. Here, Bowles responds to some of those queries.
What advice can you give to firms that produce products that are seen as inherently
nonsustainable or threatening to the environment? For examples, petroleum companies or those that
offer services such as leisure cruises?
Adrian Bowles: I don’t want to judge a particular process or product -- I think we’ll have
cars running on gasoline for many more years, for example, and I’m personally having trouble
weaning myself from my motorcycle habit. But I would encourage firms to look at their
complete ecosystem and make sure their net carbon footprint is not increasing. We would also
recommend that they consider the risk/reward scenarios of beginning activities or investments to
offset their carbon production or excessive energy
use. It may be appropriate to make changes within their current ecosystem. They could also even
buy carbon credits or support environmental activities, especially in areas that may become markets
for them down the road.
When would you expect to see a completely integrated enterprise risk
management/sustainability tool set, like you described in your recommendations?
Bowles: Real integration of risk
management and sustainability systems will require a new common set of analytics. We should see
mature offerings in that market in two to three years. For now, it is a combination of do it
yourself (with some assembly required) and solutions driven by professional services. That will
change.
Can you give an example of a firm showing economic improvements based on
sustainability investments uncovered by the risk management approach that you're
advocating?
Bowles: Some of the leading tech vendors offer products or services in both the risk
management and sustainability domains, and take this kind of integrated approach.
For example, IBM's "smarter buildings" initiative was based on risk management issues and proven internally, particularly at their headquarters and their Rochester, Minn., facilities. Now they are working with cities throughout the United States and internationally, based on the lessons learned in those engagements.
Another tech vendor that has done a great job with enterprise risk management and internal sustainability is SAP. They have made sustainability part of the corporate culture, and with their enterprise risk management expertise and products it is easy to see how they justified significant investments internally, such as their LEED-certified U.S. headquarters at the same time they were rolling out products to the market. Growing their sustainability portfolio is a big part of their future.
We also mentioned Wal-Mart, which has been transformed from a pariah in some people's eyes to a sustainability leader that pushes suppliers relentlessly to improve. This was likely in response to risks from customers and NGOs [nongovernmental organizations], but now it is part if the culture.
Cloud computing, particularly a well-run public cloud, should have sustainable economies of scale that reduce the carbon footprint for all users.
How long does it take to see payback from an enterprise risk management strategy that
specifically addresses sustainability?
Bowles: With an incremental approach (starting with energy
management, for example), you could expect to start seeing savings in a few months. If you look
at a broad program that includes supply chain monitoring and changes in the ecosystem, it could
take two to three years to finish implementation -- although some of the benefits would accrue
almost immediately. I would estimate that with that size investment, a full payback could take the
entire length of the implementation, plus six months to a year. This is assuming that the
implementation is staged and prioritized so that early dividends continue throughout the life of
the program.
How might moving to a cloud computing approach affect our enterprise risk management and
sustainability strategies?
Bowles: Cloud computing, particularly a well-run public cloud, should have sustainable
economies of scale that reduce the carbon footprint for all users. For a private
cloud , especially for a large organization, the same holds
true.
The risk question is interesting -- some will move to a public cloud because there is a reasonable perception or assumption that a well-established public cloud vendor will provide a more stable and secure environment than all but the biggest firms could create on their own. As we’ve seen with recent failures, however, that may not always be the case. The long-term prognosis is great for risk-reduction using cloud computing, but the onus is still on the customer to spell out the disaster recovery or business continuity requirements in a service-level agreement. The reputational risks also cannot be delegated to a cloud provider.
You say that the markets regulate faster than government. But can we be sure that these
regulations are actually good for the economy?
Bowles: Regulation by the market over the long term should result in economic benefits, but
short-term results could vary. If we assume that consumers behave rationally, their self-interest
includes a balance of economic and social benefits.
Adrian Bowles has more than 25 years of experience as an analyst, practitioner and academic in IT, with a focus on IT strategy and management. He is the founder of SIG411 LLC, an advisory services firm in Westport, Conn., and director of the Sustainability Leadership Council.
This was first published in October 2011
Join the conversationComment
Share
Comments
Results
Contribute to the conversation