Subscribe to our weekly Blog Digest

Rod Verhulp
Rod VerhulpVP Finance, Equinix
Like it? Share it! Facebooktwittergoogle_pluslinkedin

We feel we have a very successful enterprise risk management (ERM) program at Equinix which we will continue to improve. To understand and manage the risks required to sustain rapid growth and continue to achieve the operating results expected by our shareholders, we have identified four Critical Success Factors which have led to our successful development and operation of our ERM program:

  1. Perceived Value – Through the information provided by the ERM program, the Board and Executive Management have the information they require to make informed investment decisions. Key Risks are identified, defined and documented. Risk Profiles provide sufficient information to determine whether a Key Risk is effectively mitigated. And if there are any gaps, the Board and Management can determine whether additional investment is required or the level of risk is acceptable.
  2. Board and Executive Support – Because of the Perceived Value based on informed investment decision making, we have received the support required to allocate resources for development and operation of an effective ERM program. This includes Management Ownership of the ERM program at the VP level and the investment in the technology to support development of an ERM database and ERM reporting.
  3. Risk Ownership and Accountability – There is an Executive Owner for each Key Risk. They are responsible for developing and maintaining the Risk Profiles in our ACL GRC database. They are required to provide quarterly updates to the CEO with the Risk Scorecards generated from our ERM platform, ACL GRC. An annual update is made to the Board using the Risk Dashboard, which is also generated through the ERM platform. Each Executive’s annual performance includes an assessment of how effectively they have managed their Key Risks.
  4. Investment in Technology – Without the appropriate level of automation, an effective ERM program is much more challenging. This is due to the level of effort required to develop and maintain the Risk Profile database and ERM reporting. Done manually, this requires significant resources and is not maintainable or scalable—especially during high growth or change to a company. The use of an effective platform simplifies and standardizes the entire ERM process. We feel this is an absolute requirement for the development of an effective ERM program. We have chosen the ACL GRC platform to support our ERM program.

As stated in part one of this post, the true value of ERM at Equinix is that the process provides Management and the Board of Directors with the information they need to make informed investment decisions. This is the basis for making the case and the investment in an effective ERM program.

At Equinix, the ERM update cycle coincides with our annual Strategic Planning and Budget cycle. The information from the ERM process is a key input into our annual planning and budgeting. This is when the investment decisions are made as to the acceptable level of risk and whether additional investment is required for any of the Key Risks.

Equinix has been highly successful, and to maintain that success we know we need to continue to understand the risks associated with our business and have clear visibility as to whether those risks are being effectively managed.


To learn more about how Rod and the team at Equinix are using ACL’s data-driven platform to collaboratively manage governance, risk and compliance across the enterprise, check out the case study here.