ERM

ITS 835 Chapter 3

ERM at Mars, Incorporated: ERM for Strategy and Operations

Enterprise Risk Management

Professor Miguel Buleje

Introduction

• Mars’ ERM history • Phase 1 – Crash and Burn • Phase 2 - Success

• Global rollout • Reporting • Operating workshops

• Technology • Aggregation • Template evolution

• Conclusion

Mars’ ERM History

• Mars, Incorporated • Privately held -> migration to non-family management

• Decentralized management

• Leadership had legacy commitment to risk management • ERM was viewed as an evolution

• COSO versus bespoke approach for ERM • COSO – Committee of Sponsoring Organizationsstructure • Bespoke (custom & optimized to MARS), this approach won

• Phase 1 • Failed due to being impractical and overly complex • Technological dependent and would require full migration to new

layer of SW.

• Phase 2 • Simpler and targeted from SW/ Tech side.

Planning Workshops

• Success by having planning workshops. • Desire to align senior management goals with ERM • Started with simple template

• Operating plan initiative sheet, by risk independent. • Objective • Score (1-9) • Risk column (list of risk) • Risk treatment column (respond to any risk)

• Management team met to define and rank/ rationalize • Risks • Risk treatments

• Changed label from “mitigations”. As risk can be opportunities.

Global Rollout

• Used lessons learned from pilot

• Each unit has specific requirements, and require tailoring of the template.

• Interviewing GM and CFO together saved subsequent interview time (Optimized approach to get view of the units operation)

• Workshops helped to identify

• Gaps in risk management readiness

• High-risk initiatives

• Ongoing activities with unexpected high risk

• Workshops helped reduce overall risk foot print @ MARS

Reporting (Important for Success of Workshop)

• Color-coding adds • Urgency

• Clarity

• Groups are defined • Clusters

• Score represents • Confidence of meeting

goals

Reporting, cont’d.

Reporting, cont’d.

Reporting, cont’d. (new reporting to include quantifiable KPI)

Operating Workshops

• Several ongoing changes/ risk discussed from prior workshops.

• Technology

• Early implementation failed due to technology.

• Phase 2 was technology agnostic

• 1) Word -> Excel ( early use MS Word)

• 2) Excel -> Purpose-Built Software (designed for ERM)

• ERM supports aggregation

• More complete view of organizational impact of risk

• Continual template evolution (as process evolved)

• Added "risk treatment owners" and "due dates"

Summary

• Mars received an award for their ERM

• Corporate Executive Boards’ “Force of Ideas Award” for ERM

• Key factors for ERM success

• ERM process alignment with Mars’ principles

• Focus on meeting objectives

• Operational

• Strategic

• Flexible

• Realistic