Some questions customers ask
I define risk management as the process of identifying, assessing and managing exposures enabling leaders to pursue opportunities; managing potential threats to operations and earnings; and protecting an organization’s reputation.
At Clorox my responsibility was global property and business interruption; covering worldwide operations. This included influencing property loss prevention strategies for major construction and capital investment projects, including new construction, upgrades/modifications to existing properties, compliance driven capital improvements and construction to replace damaged properties. I procured property insurance, reviewed insurance and indemnification provisions in contracts, and managed losses in connection with construction projects. Construction projects ranged from building new manufacturing facilities, to seismic retrofit projects, to upgrades at existing facilities, to the demolition and rebuild of properties damaged due to fire and/or natural disasters. Project complexity varied from environmental issues, to fire suppression challenges, to political risk implications. All required good planning, coordination with key subject matter experts and stakeholders, strong negotiation skills and attention to detail.
I have 30+ years of loss control experience, starting my career as a Claim Adjuster. My claim management areas of expertise include general liability, product liability, workers’ compensation and subrogation. I also have deep experience managing property and business interruption losses, securities class action, and product recall claims. In addition to claims management, I led global crisis management and business continuity planning and site safety and emergency response at Clorox’s headquarters. By forming Clorox’s captive insurance subsidiary and serving as President of the captive’s Board of Directors, I expanded my knowledge of alternative risk transfer programs. Reducing property/business interruption exposures were the result of property loss prevention strategies in collaboration with Corporate Engineering and other groups to reduce property/business interruption exposures to fire, accidental and natural hazards. I served on the Mergers & Acquisition /divestiture due diligence and transition team where I assessed the potential impact of an acquisition target on the Company’s risk profile and developed strategies to address issues. I also served on a cross-functional Cyber Security team and was charged with developing a cyber risk management program. I created a cost allocation system, designed to influence leadership commitment to loss control. My experience as a claims professional provided a good foundation for my role as a Risk Manager.
I have over 10 years of experience creating and leading integrated risk programs, leveraging ISO 31000. At The Clorox Company (Clorox), I built the Enterprise Risk Management (ERM) program from scratch that influences strategic decisions and consistently drives enterprise value today. Following Target Corporation’s breach, to set the foundation for a sustainable program, I designed and implemented risk identification and assessment processes, and risk governance and escalation protocols, setting the foundation for a sustainable program.
A company’s integrated risk program should be customized to fit the organization’s culture. Different standards can be utilized to develop an organization’s risk management framework. ISO 31000 is one of those standards. I leveraged components of ISO 31000 and COSO ERM, another standard, to customize risk management frameworks and build risk management capabilities at both Clorox and Target.
All categories of risks, including strategic, operational, hazard, financial, and emerging risks were managed by my integrated risk programs. My approach was to create enterprise value through systemic processes to 1) enhance risk awareness, 2) incorporate enterprise risk considerations in planning and decision making; and 3) align strategy and business priorities with risk appetite. Key components of the programs included reporting to the Board of Directors; risk governance; defined risk appetite and tolerance; a common risk language; and systemic processes to identify, assess and manage risks.