How to Create a Successful ERM Program from the Ground Up
Steven Minsky | July 30, 2015
In 2015, Amair Saleem was named the Global Risk Management Professional of the Year by the Institute of Risk Management. Saleem manages safety, risks, and regulations for Dubai’s Roads and Transport Authority (RTA), which serves many of the same functions the U.S.’s DOT does. So what has made Saleem such a preeminent risk management expert?
According to The Wall Street Journal’s “Risk & Compliance Journal,” the Dubai RTA sees more than a million passengers every day and manages 40 departments, which offer services ranging from road construction to public transport operation to licensing distribution. “We are functioning at far broader scope,” Saleem says, “and not at a purely operational risk environment level.” He explains that the RTA’s main engine is a risk management engine, and that the organization also uses sibling systems to mitigate risks related to assets, quality control, security, fraud, and even health and safety.
Put another way, Saleem says, “Risk management sits at the nexus or the hub of all that and drives these other processes.” Effective Enterprise Risk Management software must break down any barriers between department silos; as Saleem advocates, a healthy risk culture should be ingrained throughout the organization.
Through standardization and transparency, Saleem is able to take a risk-based approach to prioritizing concerns. Though all risks are assessed individually through a common approach, the risk group at RTA is able to devote a greater amount of time and resources to especially complex or automated systems – or processes with high business impact profiles – such as the rail system.
Part of what makes the RTA’s risk management program so effective, Saleem says, is that everyone, from board members to relatively green managers, thinks “about risk in a direct way as how it influences their own operations, their projects and their reputation.” It’s an outlook that LogicManager shares; “the people who could best identify the risks…were those at the ground level.”
Another approach to adopting a successful ERM program was put in place at the Port Authority of New York & New Jersey, as seen in this profile of Morgan Keane, who is involved with the RIMS Risk Management Society.