Lenovo Enterprise Risk Management Program
As we look into
Lenovo’s annual report1
we find that Lenovo has embedded its Enterprise Risk Management (ERM) program
as part of its strategic planning process across all major functions of the
Company. We see in figure 2.6, Lenovo’s
risk exposure is segregated primarily into: Business Risk, Cyber Attack and
Security Risk, Financial Risk, Intellectual Property(IP) Risk, Supply Risk and
Human Capital Risk and also its strategies to offset those risks.
In figure 2.7, we see the ERM framework established at Lenovo. We see
that the business functions are required to identify material risks that may
impact the strategic objectives they represent. Further the risks are monitored
and reviewed by each business function level and also at a group level. In the
process the ERM team coordinates risk identification and assessment process.
ERM appraises the Audit Committee on the status of the identified risks along
with the actions which are taken to manage the identified risks.
Analyzing ERM Approaches
Some of the
similarities on the ERM approaches that we find is that at a high-level all
three organization identifies that the following is there key exposure: Business
Continuity, Reputational risk, Cyber Attack and Security Risk, Financial Risk,
IP risk, Supply Risk, Human Capital Risk and Regulatory Risk.
While reviewing the past 5 years of 10K we also see
that over the last five years there has been changes on risk positions on some risks
as new ones gets identified. For example: AAPL dropped its risk for US on single
cellular network carrier to provide service for iPhone as AAPL made iPhone
available on all major cellular network in the continent of US. Also
considering reports of recent data breeches and its long lasing impacts to
organization’s business performance, AAPL has added, “Breach of Company’s information technology systems may materially
damage business, partner and customer relationships” to its list of major
Although each company formulates its mitigation plan
in an effort to offset its potential business risk, computer industry remains
as one of the largest industry which relies heavily on innovation to create product
differentiators and stay ahead of its completion. But at the same time,
predicting how the technology landscape of the future would look like is not
something a single organization or an individual can accurately determine.