Sound-Up Governance

Each week, we will release two illustrated definitions of corporate governance jargon in order of increasing complexity. In this instalment we have the definition of "Enterprise Risk". Check the episode thumbnail for an illustration by Nate Schmold.

Originally published May 8, 2023

What is Sound-Up Governance?

The real impact of corporate governance isn't about compliance or structure or policies, it's about the conditions that impact decision-making. Sound-Up Governance features fresh perspectives to help boards and executives to be a bit better tomorrow than they were yesterday.

One really simple way to make sure that you never lose any money is to never make any money in the first place. Just like a sure fire way to make sure you never eat at a restaurant you don’t like is never to go to any restaurants. Or a great way to make sure you never wear an ugly hat is to avoid hats altogether. The problem with all those examples is that not trying a thing is also a pretty solid way to make sure *good* things don’t happen, like eating the best meal of your life while wearing an unbearably sexy hat. Anyway, the chance that something bad might happen is called “risk”. The moment you start a corporation, you’ve created a bunch of risks – the most obvious one being that your corporation will, well, be bad and die.

“Enterprise risk” is basically just a dorky way to refer to the risks that come along with a corporation existing. Usually you’ll hear about enterprise risk in the context of “enterprise risk management” or ERM, which just basically means carefully thinking about and monitoring the bad stuff that might happen when your corporation does and doesn’t do stuff.

Some people make the mistake of thinking that ERM is about *minimizing* risks, but if we think about the examples at the beginning of this definition, then we realize that if we really only wanted to minimize risks we’d just stop doing anything at all. Sometimes, in fact, it’s really important for corporations to take big risks - especially when the benefit of taking those risks could be something really good, like if Reallie Steilish designed a hat that’s so cool it looks good on EVERYBODY! Designing that hat might cost a lot of money, or cause you to spend less time and energy on other successful things that are less risky. You might decide in the end that it’s not worth the risk. Or you might decide the opportunity is just too exciting to pass up. A careful ERM process could point you in either one of those directions, or in some other direction entirely!

Some types of corporations have ERM committees. A lot of the time, the audit committee is responsible for thinking about enterprise risk. Sometimes it’s the whole board. Different strokes…