When I say “a four-letter word,” you think I’m going to say something bad, don’t you? For many years, risk management took that same approach. Risk was something to be avoided, transferred away, segregated and minimized. We worked hard to minimize the adverse effects of losses and claims, transfer or prevent them when possible and finance them when necessary. We treated risk like a bad, four-letter word and in some instances, we still do.
But what happens when a risk is worth taking? Can we treat risk like a good thing? When we should embrace risk or even optimize it? I can think of a personal example. Twice in my career, I have taken huge personal risks when I’ve pursued a new job that was outside of my comfort zone (one even involved a cross country move before I had the final job offer). I was excited about these opportunities – even though the outcomes were far from certain. Job changes are never without challenges, but looking back, I am grateful for taking those big risks that helped me embrace new career goals. They enabled me to achieve much more than I would have if I had played it safe
But how does this apply to public sector risk management? Insurance companies tell us that only 20-25% of public sector risks are insurable (and they are only talking about risks that are threats). That leaves 75-80% of uncertainty on the table, “unknowns” that could be opportunities. Some of that uncertainty could provide great outcomes, if the risks are worth taking. The 2009 ISO/ANSI/ASSE 31000 standard on risk management defines risk as “the effect of uncertainty on objectives.” Those effects could be good or bad or both. Taking a broad approach, an enterprise-wise approach, to risk, rather than trying to contain, transfer or prevent it, can help you understand when and how it makes sense to take on risk.
Managing risk in such a way can lead to better decision-making and can help us achieve our (personal and professional) goals. The ISO/ANSI/ASSE 31000 standard on risk management introduces a new language of risk, expanded way beyond a bad, four-letter word.
And for me, my next big career risk is taking on this blog! I hope you’ll engage with me by joining this discussion by leaving a comment. I’d love to hear what risks have you taken lately that have resulted in a positive outcome? What are some things that can result from taking an enterprise-wide approach to risk?
By: DOROTHY M. GJERDRUM, ARM-P, CIRM
Senior Managing Director of Public Sector Arthur J. Gallagher Risk Management Services
SUMMARY OF QUALIFICATIONS
• 2014 Woman to Watch - Business Insurance Magazine • 2012 Recognized by Treasury & Risk as a “Top 100” Leader in Finance and Risk • 2012 Public Sector Power Broker – Risk & Insurance Magazine • 2010 Public Sector Power Broker Finalist – Risk & Insurance Magazine • 2009 Public Sector Power Broker – Risk & Insurance Magazine • More than 20 years of public sector risk management experience • Speaker, author, leader on Enterprise Risk Management in the public sector • Chair of the US Technical Advisory Group to ISO 31000:2009 and ISO 31004
As Senior Managing Director of Gallagher Public Sector, Dorothy leads 300 Gallagher insurance brokers and specialists dedicated to public sector clients across the United States, focusing on issues of risk management, exposure identification, pool operations and enterprise risk management. In addition to leading the broker group, Dorothy provides consulting and risk management services to select Gallagher public sector and higher education clients.
Prior to joining Gallagher, Dorothy was risk manager of three self-insured pools for the New Mexico Association of Counties (NMAC). She has more than 20 years experience in public sector risk management and insurance. During her tenure at NMAC, Dorothy developed loss-sensitive contribution and allocation formulas. She partnered with her insurance broker to provide new coverage programs for members, including injunctive relief, land use and special events and the Pool’s first coverage document in order to clarify coverage exclusions and conditions of insurance. In response to rising losses, she developed individualized training sessions to address sexual harassment and management issues. She led a team that brought claims in house and developed a legal advice hotline, which saved the pools hundreds of thousands of dollars in the first year alone. As a founding board member of County Reinsurance, Limited, a captive excess insurance company formed to provide reinsurance to county association pools nationwide, Dorothy served as Board Member and Treasurer. Dorothy was also a founding member and organizer of the New Mexico PRIMA Chapter, where she organized local and regional educational opportunities for school, city, county and state risk managers and safety personnel.
Dorothy served as the Chair of the US Technical Advisory Group to ISO 31000, the international standard on the practice of risk management, and its Implementation Guide, ISO 31004 from 2008-2014. Dorothy has also served on the RIMS Standards Comparison Committee and as curriculum advisor for the National Alliance. In 2003, Dorothy partnered with the risk manager of the largest community college district in the U.S. to create an award-winning integrated program that unified traditional risk management and enterprise risk management. From 2003 on, Dorothy has presented educational sessions on ERM and its application in the public sector at regional and national conferences: RIMS (regional and national), PRIMA (regional and national), URMIA (regional and national), AGRiP, STRIMA, NACUA, the IIA GRC, Infonex and for many Gallagher client groups. She is currently co-creating education and training material on implementing ERM in the public sector using ISO 31000 for PRIMA and URMIA. ERM implementation and consulting projects include the CO School Districts Self-Insurance Pool, the City-County of San Francisco, the New Mexico Association of Counties insurance pools, FL College System Risk Management Consortium, UVM, UNC Charlotte, Johnson County Community College District in KS and Maricopa County Community College District in AZ.
AGRiP – Association of Governmental Risk Pools IRM – The Institute of Risk Management ISO 31000 Standard on the Practice of Risk Management – US Technical Advisory Group ISO 31004, the Implementation Guide to ISO 31000 PRIMA – Public Risk Management Association RIMS – Risk and Insurance Management Society
Bachelor of Arts, College of St. Catherine, St. Paul, MN ARM designation, Associate in Risk Management (ARM) designation, Insurance Institute of America ARM-P, Risk Management for Public Entities designation, Insurance Institute of America CIRM, International Certificate in Risk Management, The Institute of Risk Management
You Might Also Be Interested In
Smart City Infrastructure: A Background for Risk Management (Part 2)
Perhaps the largest looming risk in smart cities is the increase in systems that rely on connectivity. The last few years have shown us that public entities are not exempt from cybercrime. In fact, cities and municipalities seem to be prominent targets.