Management Accounting: ERM Implementation Review, June 2018

Verified

Added on 2021/05/30

AI Summary

This report examines the Enterprise Risk Management (ERM) implementation at Entropic Communications Inc., a fabless semiconductor company. The report details the reasons for implementing ERM, including addressing business, intellectual property, and international operation risks, as well as pressure from the SEC. It analyzes the benefits of ERM using the COSO framework, such as improved risk response and systematic risk management, while also acknowledging limitations. The report suggests enhancements to make the ERM process more effective, including increased management involvement, improved risk scoring, and a focus on risk correlations. Finally, it concludes that ERM provides enduring benefits, evolving with technology and data analysis, and will continue to be essential for companies in the future, emphasizing the importance of adapting to technological advancements and cost-effective risk management.

RUNNING HEAD: MANAGEMENT ACCOUNTING
Enterprise Risk Management

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Management accounting 2
MEMO
TO: The Reader
FROM: Student
DATE: 5th June 2018
SUBJECT: Reviewing ERM implementation at Entropic Communications Inc.
Introduction
Enterprise Risk Management is one of the leading tool used for addressing and measuring the
risks. As per the Sarbanes-Oxley Act passed in 2002, companies are required to produce and
maintain an annual internal control report for verifying the effectiveness of their internal
control procedures. In order to meet these compliance companies started using the Internal
Control Framework developed by the Committee of Sponsoring Organizations of the
Treadway Commission (COSO). In 2004, COSO developed the process of ERM which
measures a wide range of risk starting from operational risks to strategic risks. It also defines
other financial and compliance risks.
The process was adopted by Entropic Communication Inc. which was a fabless
semiconductor company engaged in selling hardware devices and outsourcing the fabrication
of the device to a specific manufacturer. The company was exposed to so many risks and due
to several other reasons, it implemented ERM in its organization.
Requirement 1
Entropic being a growing semiconductor company was exposed to so many internal and
external risks. In order to deal with them Lance Bridges, Entropic’s VP/general counsel, had
taken the responsibility of implementing Enterprise Risk Management in the organization.
Following are the reasons for implementing a formal ERM process:

Management accounting 3
 Improve risk response decisions
The company had so many business risks, intellectual property risks and risks related to
international operations and common stock. It was very important for Entropic’s management
to select appropriate risk responses which will help in avoiding, reducing and sharing the risk.
ERM help in developing a set of actions that will align the company’s overall risks with its
risk tolerances and risk appetite. It also improves the decisions taken related to risk response.
In most of the cases, mitigation plans were developed to reduce the risk at Entropic.
Company's legal and IT department collaborated to develop a document retention policy. As
a result of which, ERM stimulated a high-level compliance in the company's Human
Resource Department.
 Managing risks within risk appetite
Risk appetite basically means the amount and type of risk a company is willing to take in
order to meet its strategic objectives. ERM helps Entropic Communications to manage all
types of its risk according to its strategic goals and objectives. Risks are been properly
analyzed considering their impact and decisions related to their management are been taken.
A simple two-dimensional scoring method was developed which was used by all the
departments to rate the risks.
 Pressure from SEC to create a risk management process
Entropic was obliged to make amendments in its rules required by the Securities Exchange
Commission. As per the amendments, the company was required to make new and revised
disclosures. Entropic receives pressure from SEC to install a risk management process which
will describe the board's role in risk oversight. This arises the need of implementing
Enterprise Risk Management process.
 Address risks systematically

Management accounting 4
One of the concerns for the company was to address its all types of risk in a systematic
manner. With the adoption ERM process, this became somehow possible. Proper monitoring
was there on a semi-annual basis and the risk management matrix was monitored and updated
annually.
Requirement 2
Committee of Sponsoring Organizations categorizes ERM into four categories that are
Strategic, Operations, Reporting, and Compliance. Lance and Patrick were largely satisfied
with the ERM process. They improved the process by changing to the COSO framework in
order to identify and describe various types of risks in near future. Though in a business, risks
are categorized as per the departments but by adopting COSO framework, Entropic was able
to differentiate risks by objective which could help the company to identify the risks that
intersected multiple departments.
ERM also helped in figuring out the interrelationships of risk and analyzing the extent to
which mitigating a risk can increase others or may lead to new risks which were not
previously identified. Yes, the enterprise risk management does give benefits to the company
such as Entropic can manage all of its risks systematically and within a proper appetite. Risk
responses were also increased and also the compliance with SEC rule was also met.
However, despite such benefits, the COSO framework has some limitations also which were
identified by Lance and Patrick. Though they had an overall satisfaction with the ERM, the
process has some limits which give certain disadvantages to the company. ERM was
dismissed for some departments and all the risks cannot be addressed in the year of
implementation of ERM. Most of the severe risks were inherent to the business and cannot be
mitigated. Entropic addressed a serious business risk that was not on the ERM risk matrix.
Nevertheless, Entropic management decided to pursue the ERM process in the future.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Management accounting 5
Requirement 3
An effective ERM process is very much required for the successful management of all the
risks and uncertainties. Following changes can be made at Entropic which will make its ERM
process more effective:
 Enhancing and increasing the management role. Managers of Entropic must be
engaged in a qualitative assessment of risks and should make sure that assessing or
identifying risk at initial stage must be comprehensive and a balance should be there
between the internal and external sources of risks.
 Entropic Communications must provide or establish a strategic context which
includes companies' mission and strategic goals or objectives. The assessment of
context links these to the management of risks to which they are exposed. The
context defines the procedure, time frame and specific activity needed to be done for
managing several types of risks.
 The company should improve its two-dimensional scoring method which was used by
each department for locating items on Risk heat map. On that map, risks of Entropic
were given severity score as well as livelihood score. The organizations should make
efforts to consider or quantify correlations between the risks events.
 Entropic should identify those areas where ERM proves to be unproductive. As it was
observed that some of the departments were redundant from using the process, the
company must identify the reasons for the same.
 Changing the behavior of senior management is not an easy task and cannot be done
overnight, but such change is required for making enterprise risk management
effective and beneficial. Sponsorship from top management is much needed for
making ERM work successfully.

Management accounting 6
 The company must give a holistic view of all the risks so that the senior managers
and board can take better risk-aware decisions by focusing on the right areas.
 Before the identification of the risks in ERM process, the management of Entropic
must establish an enterprise risk structure which will allow all the departments of the
company to follow a common approach and a consistent process and plan.
 Duties and responsibility must be clearly stated and assigned to the concerned
departments and individuals. Each department must fulfill all its responsibility with
the due diligence which will lead to an effective establishment of the enterprise risks
management process in the business.
So making all the above changes, Entropic can enhance and improve its ERM process. As a
result of which, the company will be able to manage its risks more systematically and within
the appropriate risk appetite.
Requirement 4
It can be believed that the name may fade away but the underlying concepts of ERM will
survive the test of time. The process and concept of ERM will definitely provide many
enduring benefits to the companies. Enterprise Risk Management will slowly evolve with the
best practices over the time. The framework developed by COSO was aimed at enhancing the
shareholder value. It has been used by many countries and around the world successfully. All
types and sizes of organizations use ERM to identify risks, manage them within a suitable
risk appetite and support the accomplishments of objectives. Benefits provided by ERM
include increasing the range of opportunities, identification of risk entity and their
management, improving resource utilization and reducing variances in the performance.
Several other benefits are also available to the companies who implement ERM process in
their systems.

Management accounting 7
However, it’s true that organizations will face a lot of volatility, complexity, and ambiguity in
the future. They will also be exposed to so many risks related to business, property,
ownership and many others. In order to cope up with all this, companies will be requiring
ERM in their business. The process will help in managing risks in crucial times and give
them those benefits which it is supposed to provide. However, talking about the future there
are certain factors which can be derived from the enterprise risk management process of a
company. They are as follows:
 As and when more and more data get collected, the speed of analyzing it increases
and ERM needs to adopt such changes. Advance data analysis and visualization tools
will be used to make a better understanding of risks and its impact.
 ERM needs to consider the impact of future technologies and must take into account
the era of artificial intelligence and automation. It has to leverage its capabilities and
uncovered the previously unrecognized trends and relationships. It will provide more
information to manage and control risks better.
 The main concern of a business is to manage the cost of managing risks, compliance
procedures and control practices. Evolvement of enterprise risk management will
make it necessary for the companies that, activities or practices which spams risks,
compliance and control are required to be efficiently coordinated in order to give
maximum benefits to the business. It can be considered as one of the best opportunity
for ERM to prove its importance for the companies again.
 Enterprise risk management will build stronger organizations. By implementing ERM
practices in the business, companies can easily enhance its strategies and
performance. They came to know about the risks which will have a huge or great
impact on the entity in advance. By deploying ERM, companies can easily manage

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Management accounting 8
such risks earlier and can look for new opportunities. This will strengthen their
performance and overall position.
Hence, it can be said that ERM will provide enduring benefits to a broad range of companies.
Furthermore, instead of being a trend and fading away with the time, ERM needs to adopt the
changes occurring in future and should provide consistent benefits to the companies. With the
proper implementation of enterprise risk management, companies will be able to handle their
future and related risks effectively and efficiently.
Closing
It can be said that Enterprise Risk Management is a useful tool for managing various types of
risk that are associated with an organization. Furthermore, if there are any queries readers can
contact through e-mails and messages or calls.