12 of 13 people found the following review helpful
on September 20, 2005
James Lam has written a remarkably clear and relevant portrayal of how [enterprise] risk management can be used to deliver real value in any business.
During the past year, I developed a course for the Executive MBA program at Villanova University. After reviewing several books on the subject, I chose this one because of its clear and comprehensive coverage of the subject matter.
I would highly recommend this book to anyone with a serious interest in understanding risk management from a holistic perspective. This includes risk professionals as well as those involved in line and staff functions.
17 of 21 people found the following review helpful
on February 4, 2005
You bought Jorion, Pearson, and Hull; you slammed headfirst into the quantitative quagmire of risk management, and you may even have passed the Financial Risk Manager exam, sponsored by the Global Association of Risk Professionals, but are you prepared to become your company's "Risk Champion?" Can you explain to laymen why loss distributions are not normal? Can you illustrate the "sweet spot" in the profit/risk tradeoff? If you aren't quite there yet, pick up James Lam's new book, Enterprise Risk Management, From Incentives to Controls. It's a book you can read on the five hour flight from New York to Los Angeles, and its melodies will linger in your memory. This book has changed the way I communicate with people both in and outside the risk management profession. Read it with a highlighter in your hand, and keep the book within easy reach.
5 of 5 people found the following review helpful
on January 31, 2008
A well-written guide to enterprise risk management from somebody who knows it first hand. The book covers all of the relevant topics within ERM: concepts and processes, governance, risk transfer, analytics, risk types, and applications to the business (lessons learned, case studies, etc.).
The book is tilted towards banking and energy and could use an update on how ERM has become vogue among corporations in almost every other sector. It could also include more information on operational risk and Sarbanes-Oxley requirements, as well as more recent info on the topic from leading risk organizations and projects (COSO and others). It is not a one stop shop on the subject - hence just four stars.
If you have a chance to work with risk managers and/or risk consultants, see the latest dashboard tools, or sit in on risk assessment and ranking exercises, I believe you'll get much more from the book. There is a lot of "dot-connecting" that needs to go on with ERM.
And a special endorsement...I once received a very attractive offer from a leading Fortune 500 company for an enterprise risk manager position. I had just a little experience with ERM, but I used material from this book to get me through six probing interviews. Very few books can help a candidate quite the way this one helped me.
2 of 2 people found the following review helpful
on April 4, 2012
A little under ten years ago I reviewed "Enterprise Risk Management: From Incentives to Controls" by James Lam in Risk Professionals, the flagship magazine of the Global Association of Risk Professionals (GARP). In the book, Lam made ten predictions for the future of risk management. Ten years later, it is interesting to revisit his predictions and ask how many have come to pass.
Here are the predictions with my comments:
1. Enterprise Risk Management (ERM) will become the industry standard for risk management.
Not just yet, but it's on its way. Among the key findings in a recent Accenture 2011 Global Risk Management Study was, "More than 80 percent of the survey respondents overall have a ERM program in place or plan to have one in the next two years."
The study was based on a survey of C- level executives from 397 companies across ten industries in Europe, North America, Latin America and Asia. Similar studies confirm the same trend. There is not enough space, here, to name them all.
2. The CRO will become prevalent in risk intensive businesses.
As Lam states in his book, "The rise of the CRO goes hand-in-hand with the trend toward ERM". Again from the same study above, "Companies are establishing C-level oversight of the risk management function."
About two thirds of all survey respondents have a Chief Risk Officer operating with that title. Another 20 percent have an executive in the role fulfilling those responsibilities. Thus the criticality of risk management is being recognized by the way the function is staffed and led. That said, there is still a chasm between the traditional risk management model and ERM. A comprehensive, enterprise wide focus on managing risk is an ongoing struggle for most organizations because of the behavioral changes to overcome the conventional management of risk in silos, which companies have had in place for a long time. For that reason, ERM has been pursued by visionary companies rather than by the mainstream of companies. In short, ERM is prevalent in all the major banks across the globe. The hedge fund community in particular is increasingly implementing an ERM model in light of increasing regulation and the broker-dealer market continues to define and establish the ERM model as well.
3. Audit committees will evolve into risk committees.
In January 2012, the committee of Sponsoring Organizations of the Treadway Commission (COSO) issued its draft ERM - Integrated Framework to be finalized later this year. The new Framework will play a key role in the internal audit function. The Institute of Internal auditors (IIA) says internal auditors should assist both management and the audit committee in their risk management responsibilities and oversight roles by examining, evaluating, reporting, and recommending improvements on the adequacy and effectiveness of management's risk processes. However, the IIA has taken a stand on what roles internal auditing should not undertake: setting the risk appetite, imposing risk management processes, management assurance on risks, taking decisions on risk responses, implementing risk responses on management's behalf, accountability for risk management. These activities should be direct from the top of the organization. Audit committees have evolved and continue to evolve into risk committees.
4. Economic capital will be in; VaR will be out.
With the advent of the recent economic downturn, the government bailout that injected TARP money into the banking system, and consequent regulation such as Dodd-Frank and Basel III, economic capital is certainly in and VaR is certainly out.
5. Risk transfer will be executed at the enterprise level.
Partially, this prediction was already realized "as far as hedging and insurance strategies were concerned" when Lam's book went to press. Today, management of risk transfers through assessments, systems and other tools is at the enterprise level.
6. Advanced technology will have a profound impact on risk management.
With the rise of risk systems reflecting state of the art applications that encompass regulatory requirements and beyond, this has certainly come to pass. For example, look to the latest automated risk enhancement of Credit Valuation Adjustments which ensures limits are met on a market basis.
7. A measurement standard will emerge for operational risk.
This operational metric has been formulated for reporting purposes as reported each month in regulatory reports and continues to evolve internally from an operational perspective.
8. Mark to market accounting will be the basis for financial reporting.
Remember, loans and securities make up the bulk of a bank's assets. Thus, the method you use to establish values for these securities when preparing your financial statements affects shareholders' equity and, in turn, has an effect on a bank's profit and loss statement. In light of the 2008 financial crisis, fair value accounting under FASB 157 returned to center stage with supporters and detractors of the rule. There is also a conflict between the way the U.S. regulators approach mark to market accounting and the approach of international standards under the IFRS. In effect, rules vs. principles. For our purpose here, suffice it to say that FASB and IFRS are exploring changes to the reporting and measurement of financial instruments. In effect, the jury is still out on this prediction.
9. Risk education will be a part of corporate training and college finance programs.
If you are in risk and haven't seen every major university offering a graduate degree in risk management (not to mention risk training and certification from associations such as PRMIA and GARP), then you are not from this planet.
10. The salary gap among risk professionals will continue to widen.
Depending on what specialty skill you bring to the table (CRO and all the waterfall functions that work alongside with, or support, that office, legal, compliance, quantifiable risk, subject matter risk expertise within project management, etc.), compensation has risen significantly across the risk landscape to attract and retain talent.
In short, nine out of ten predictions have come to pass. Not bad from the perspective of a ten year horizon. Well done! I hope we hear from Mr. Lam soon on his predictions for the next ten years.
13 of 19 people found the following review helpful
on August 5, 2004
This book by James Lam provides an excellent insight into this current business strategic problem. In view of all the corporate governance coming from Sarbannes-Oxley legislation and Basel II capital pronouncements, this book provides the user with the building blocks in terms of explaining how credit, market, and operational risk all tie into the big picture of enterprise risk. The author enables one to understand these risks without getting bogged down in mathematical details. He effectively brings these risks together in terms of portfolio management and then presents the reader with some risk mitigation techniques. He goes beyond other books which just concentrate on financial institutions by bringing in energy firms and nonfinancial corporations in his concluding chapters. Lam's book is a must read for anyone considering a career in risk management.
Gerald G. Wisz, Ph.D.
Adjunct Associate Professor of Finance
Polytechnic University, Brooklyn NY
Independent Risk Management Consultant
7 of 11 people found the following review helpful
on August 26, 2003
James Lam, the founder of ERisk and the pioneer for the chief risk officer concept has penned the best and most comprehensive book yet on enterprise risk management and how this emerging business practice can add practical, measurable value to any business concerned about how risks affect performance and stakeholder value.
For the first time, a true ERM expert has articulated in user friendly terms, what ERM is and how it can be applied to many different business types in many industries. This book makes clear that there is no one way to design and ERM model and that customizing it to the needs of the business will be the one way to optimize the outcomes desired.
The book is well organized and starts with a section on setting the "context" for delving into risk management; outlining the framework of a comprehensive approach; showing real world applications in various industry contexts; and closing with some prognostications on the future of the practice.
I highly recommend this book to all business managers who want to take risk management and their careers to the next level.
4 of 8 people found the following review helpful
on July 21, 2003
Excellent resource on Enterprise Risk Management.
The author draws upon his 20 years' rich real world experience to drive the subject to home. It offers valuable insight, which is rare to find elsewhere. This book is not only up to date and comprehensive, but also particularly practical.
As a risk analyst with more than 6 years experience, I highly recommend this book to those who are in this field and to those who have interests in this field.
5 of 11 people found the following review helpful
on September 24, 2003
Anyone whose career interests intersect with the risk management discipline will find this book extremely valuable in understanding the risk management discipline and viewpoint. Anyone who is considering a career in risk management will find this book a critical help for success. James Lam writes in an easy to read style and the ease with which one can grasp and understand the material might fool one into under estimating the rigor and logic James has built into his work. I recommend this book without reservation.
Edward P. Paules, Managing Director Risk Management
Investors Bank & Trust
Boston, MA 02116