Introduction
Unpredictable business trends had raised a need to formulate apt methods for managing uncertainties that can have significant effects on an organization. Enterprise Risk Management (ERM) is a method that is used for determining uncertainties and opportunities that influence the accomplishment of business goals. It involves the identification of internal and external factors that lead to the success or failure of the business. This essay provides an insight into enterprise risk management as a tool for assessing the future of a business.
How Enterprise Risk Management is similar or different from Basic Risk Management
Risk management refers to the process of identifying, assessing, monitoring, and mitigating unforeseen uncertainties that can result in business failure. It involves seeking unanticipated factors that are likely to affect the performance of employees at different organizational levels (Brannan & Taylor, 2006). However, this technique also entails the identification of opportunities that can promote the overall accomplishment of business goals. Both basic and enterprise risk management strategies share common practices such as identification of unpredictable events and/or solutions that can affect the organization. However, enterprise risk management takes a broader perspective of determining the possibilities that pose danger to business operations. It encompasses the identification of risks in every unit of the enterprise. It also takes an entity-level view of the risk (Simona-Iulia, 2014).
According to COSO (2004), enterprise risk management focuses on the determination of threats and opportunities to ensure the success of the organization. It also promotes activities that lay emphasis on the attainment of the organization’s objectives in overlapping categories. Furthermore, ERM aims at enhancing business strategies. Basic risk management only deals with the protection of physical and financial assets (Hall, 2010).
Explanation of figure 5 on page 9 of the Brannan and Taylor (2006) paper on ERM
The figure elaborates on the JCAHO accreditation. It shows how ERM can be incorporated to the JCAHAO factors. All risks that are associated with the National Patient Safety Goals (NPSGS) are depicted in the figure. It also provides an illustration of how they link with ERM. In addition, it shows the JCAHO top ten items that are applied in hospital accreditation.
The ERM fusion model shows how ERM can unite and incorporate the risk factors that are associated with the National Patient Safety Goals (NPSGs). From the figure, the National Patient Safety Goals (NPSGs) are patient identification, slips and falls, communication, medication safety, reduce infections, and reconcile medications. Lastly, the top ten items that can affect hospital accreditation are violations of a patient’s confidentiality, expired medications, use of non-verified equipment, unfamiliarity with ERM procedures, insufficient or non-existent documentation, and improper storage or clustered areas. Others include bypassing informed consent, inability to validate physicians or staff competency, unfamiliarity with the NPSGs, and inability to articulate unit PI processes among others (Brannan & Taylor, 2006).
Application of the JCAHO patient safety goals together with the ERM fusion model provides a framework for assessing and monitoring the processes in a health care setting (Brannan & Taylor, 2006). The ERM fusion model can be used to assess the risks that affect organizational operations. It is a vital tool for evaluating compliance of the organization with the NPSGs. Moreover, the JCAHO advocates for patient safety. As a result, medical practitioners should comply with its accreditation to ensure effectiveness and efficiency in patient handling. This situation minimizes the potential risks that are faced by the organization (Brannan & Taylor, 2006).
Explanation of Figure 2 –Risk Heat Map- on page 6 of the University of Regina document
The figure represents a simple heat map for assessing risks that are encountered by organizations. It represents qualitative data in two dimensions (3×3) only. The probability of risk occurrence is shown on the horizontal axis, while its potential impact on an organization is indicated on the vertical axis. Risk occurrence is rated remote (the lowest percentage), possible, and probable (shows the highest percentage). The potential impact is rated low, medium, and high. The colors are used to show data representation values and risk areas (Brannan & Taylor, 2006). A risk is assessed based on its likeliness of occurrence and its potential impact on the activities of the organization (Risk = Likelihood x Potential Impact).
According to the CGMA (2012), this tool can be used to determine risks in different areas of the organization. Furthermore, it can be applied in communication of risks to different members of the organizations with a view of developing appropriate mitigation measures. Therefore, the risk heat map is a resourceful framework for assessing the impacts of a risk on an organization since it incorporates relevant decisions in formulation of mitigation measures (Hall, 2010).
Five JCAHO’s actions that will make or break you (Brannan & Taylor) analyzed according to the Risk Heat Map criteria (Figure 2 University of Regina)
Insufficient/non-existent documentation
Proper documentation ensures safety and easy retrieval of information. Failure to maintain and keep documents properly leads to loss of information. Insufficient or non-existent documentation is less likely to occur (Hall, 2010).
Violations of Patient’s Confidentiality
Maintaining patient privacy and confidentiality is an essential value of medical practitioners. Violation of a patient’s confidentiality has medium impact on health promotion. However, this situation has less chances of occurrence.
By-passing Informed Consent
Organizational decisions are formulated from an informed point of view. Improperly made resolutions affect the progress of an organization. Therefore, the management should make apt decisions have positive effects on the organization. Information that is likely to influence the operations of the health enterprise should be considered during decision-making processes. In this case, bypassing informed consent is not likely to occur. However, its occurrence usually has a great impact on the operations of the organization.
Inability to Validate Physician/Staff Competency
Competency is essential in medical practice. Incompetent doctors and nurses often cause medical errors. Therefore, the skills of physicians should be nurtured to ensure patient safety. Inability to validate staff competency can be rated on the risk heat map to determine the likelihood of unforeseen events that can affect the operations of the organization negatively (Lundqvist, 2014).
Expired Medications/Supplies
Administration of expired medications and/or supplies is an unethical practice amongst some medical practitioners. This practice poses risks to the health of patients. However, the figure indicates less likelihood of administering expired medications and/or supplies to the patients. However, in case it occurs, the accompanying level of damage is very high.
- By-passing informed consent
- Insufficient and/or non-existent documentation
- Violations of patient’s confidentiality
- Inability to validate physician/staff competency
- Expired medications and/or supplies
Conclusion
ERM redesigns assessment of risks in an organization. This situation ensures protection of both tangible and non-tangible assets whilst focusing on strategy setting. Risks can be assessed using the ERM fusion model together with JCAHO factors. The JCHAO factors for hospital accreditation can be analyzed using the risk heat map based on the probability of occurrence and impact on the objectives of the organization.
Reference List
Brannan, W., & Taylor, J. (2006). A Model for Enterprise Risk Management within a Healthcare Organization. Web.
CGMA. (2012). CGMA Tools: How to communicate risks using a heat map. Web.
COSO. (2004). Enterprise Risk Management, Integrated Framework. Web.
Hall, Sharon. (2010). The role of risk management in Healthcare operations. Web.
Lundqvist, S. (2014). An Exploratory Study of Enterprise Risk Management: Pillars of ERM. Journal of Accounting, Auditing & Finance, 29(3), 393-429.
Simona-Iulia, C. (2014). Comparative Study Between Traditional and Enterprise Risk Management – A Theoretical Approach. Annals of the University of Oradea, Economic Science Series, 23(1), 276-282.