I’ve been working on a column about corporate risk management intended to cull risk management insights from the beyond-business realm (an endeavor that led me to “possibility management” and other variations on traditional risk management).

At least I was doing so until Aberdeen Group Senior Analyst Nasreen Quibria sent me a white paper draft that yanked me back into the domain of corporate risk management.

The report, currently titled “The Executive Enterprise Risk Management (ERM) Agenda,” clearly and authoritatively presents the current state of global ERM.

(Full disclosure: I’m not on Aberdeen Group’s payroll, I instinctively groan at the word “analyst,” and — gosh darn it – I wish I had written this paper.)

The report examines ERM adoption (drivers, progress, and benefits, among other facets), lays out a process for achieving best-in-class risk-management performance, and offers a three-tiered maturity class framework.

The framework crisply defines what separates best-in-class risk-management “performers” from average and laggard companies on the basis of:

• Accuracy of cash flow forecasts;

• Improvements in risk-detection/assessment effectiveness; and

• Revenue loss in past 12 months.

That guidance alone is eye-opening.

Yet, the report also contains survey results generated from 210 companies around the world. Here are just a few of the findings I found interesting:

• Companies with best-in-class risk management capabilities are much more likely (than average and lagging companies) to incorporate predictive analytics into risk measuring/monitoring processes; clearly assess risk status; and link incentive compensation to “prudent” risk-management behaviors.

• 80 percent of surveyed companies increased their focus on risk management in the past 12 months (31 percent “significantly increased” their risk focus).

• “New regulatory requirements” – i.e., compliance – do not figure among the three most common catalysts for launching formal ERM initiatives.

What are the primary drivers of ERM adoption? A desire to protect the company’s brand and sustain competitive advantage, as well as the ongoing economic volatility.

Those two findings really wowed me.

While the highly improbable economic events in 2008 and 2009 may have stimulated a more intense, or renewed, focus on corporate risk management, the primary drivers of ERM adoption are hardly black swans. Companies always need to protect their brands and sustain their competitive advantage. Plus, many forms of global volatility appear likely to remain with us for years if not decades.

In other words, you do not need to look too far afield to see that corporate risk management – whether it goes by “ERM” or “possibility management” – will remain a top business priority for the foreseeable future. ###