Case Study

Public utility goes all-in on ERM implementation

When implementing an enterprise risk management (ERM) program, utilities will find that ERM theory only gets one so far. Developing and sustaining an ERM approach to strategically manage operational and financial areas can be best powered through an organization-wide commitment. Here’s an example of a Baker Tilly client who went all-in to see their ERM program to fruition.

Client need

A mid-size public electric and water utility wanted to develop a more structured approach to managing operational and financial issues and to develop tools to assist in implementing strategies that would serve the entity for the next five to 20 years. Some of the utility’s concerns included:

  • Succession planning and workforce management
  • Swings in fuel prices for generation
  • Technology risk
  • Cybersecurity risk
  • Maintaining proper level of governance
  • Financial risks, including maintaining bond rating and bond earnings coverage
  • Water quality issues
  • Meeting regulatory requirements

The utility’s management and oversight board felt implementing ERM would provide a consistent method to prioritize risk mitigation strategies and action items based on a focused and holistic analysis of key risks.

Baker Tilly solution

Following this five-step method, Baker Tilly’s specialized utilities team helped the entity implement a formal ERM program:

  1. Obtain management and oversight board buy-in
  2. Receive department head buy-in
  3. Introduce ERM at the business segment level
  4. Introduce ERM at the organization enterprise level
  5. Report and monitor

To achieve these steps, Baker Tilly first performed these activities:

  • Conducted interviews with management
  • Reviewed both internal and external documentation and facilitated workshops
  • Developed and held ERM educational sessions for management, board and departmental staff
  • Built out a risk universe of areas of concern
  • Assessed the risks in the universe, focusing on impact to the organization
  • Determined the likelihood and current mitigation effectiveness for each risk
  • Identified and prioritized the highest rated risks to the organization – discussing the ranking with management and department heads to reach consensus
  • Developed an action plan and cost-benefit analysis of highest rated risks
  • Linked the highest rated risks to the strategic plan and business goals
  • Determined and gained approval of ongoing risk monitoring, dashboards and internal reports


Using Baker Tilly’s proven ERM program development methodology allowed for ideas and input from all levels of the public utility – management, board, department heads and line managers. Representation of staff throughout the organization fostered a culture of openness and cooperation. The utility implemented its ERM program and early results have been promising.

Remaining vigilant

While ERM sounds wonderful in the land of theory and early implementation results are generally beneficial and enthusiastically received, issues may arise in sustaining an organization’s ERM program. Dedicated champions are needed to keep ERM programs from languishing or dying on the vine. Large utilities generally have budget for full-time ERM staff and find greater success in maintaining or growing their programs. Mid-sized utilities that have implemented ERM commonly have a part-time dedicated champion whose other duties tend to steer resources and time away from ERM. There are success stories where this arrangement works, but it takes vigilance, support from management and drive from the oversight board to make that happen.

For more information on this topic, or to learn how Baker Tilly energy and utility specialists can help, contact our team.

Russell A. Hissom