risk consulting case study

• Predict! Software Suite
• Training and Coaching
• Predict! Risk Controller
• Rapid Deployment
• Predict! Risk Analyser
• Predict! Risk Reporter
• Predict! Risk Visualiser
• Predict! Cloud Hosting
• BOOK A DEMO
• Risk Vision
• Win Proposals with Risk Analysis
• Case Studies
• Video Gallery
• White Papers
• Upcoming Events
• Past Events

Fehmarnbelt case study

. . . . . learn more

Lend Lease case study

ASC case study

Tornado IPT case study

LLW Repository case study

OHL case study

Babcock case study

HUMS case study

UK Chinook case study

• EMEA: +44 (0) 1865 987 466
• Americas: +1 (0) 437 269 0697
• APAC: +61 499 520 456

Subscribe for Updates

Copyright © 2024 risk decisions. All rights reserved.

• Privacy Policy
• Cookie Policy
• Terms and Conditions
• Company Registration No: 01878114

Powered by The Communications Group

Enterprise Risk Management Case Studies: Heroes and Zeros

By Andy Marker | April 7, 2021

• Share on Facebook
• Share on LinkedIn

Link copied

We’ve compiled more than 20 case studies of enterprise risk management programs that illustrate how companies can prevent significant losses yet take risks with more confidence.   

Included on this page, you’ll find case studies and examples by industry , case studies of major risk scenarios (and company responses), and examples of ERM successes and failures .

Enterprise Risk Management Examples and Case Studies

With enterprise risk management (ERM) , companies assess potential risks that could derail strategic objectives and implement measures to minimize or avoid those risks. You can analyze examples (or case studies) of enterprise risk management to better understand the concept and how to properly execute it.

The collection of examples and case studies on this page illustrates common risk management scenarios by industry, principle, and degree of success. For a basic overview of enterprise risk management, including major types of risks, how to develop policies, and how to identify key risk indicators (KRIs), read “ Enterprise Risk Management 101: Programs, Frameworks, and Advice from Experts .”

Enterprise Risk Management Framework Examples

An enterprise risk management framework is a system by which you assess and mitigate potential risks. The framework varies by industry, but most include roles and responsibilities, a methodology for risk identification, a risk appetite statement, risk prioritization, mitigation strategies, and monitoring and reporting.

To learn more about enterprise risk management and find examples of different frameworks, read our “ Ultimate Guide to Enterprise Risk Management .”

Enterprise Risk Management Examples and Case Studies by Industry

Though every firm faces unique risks, those in the same industry often share similar risks. By understanding industry-wide common risks, you can create and implement response plans that offer your firm a competitive advantage.

Enterprise Risk Management Example in Banking

Toronto-headquartered TD Bank organizes its risk management around two pillars: a risk management framework and risk appetite statement. The enterprise risk framework defines the risks the bank faces and lays out risk management practices to identify, assess, and control risk. The risk appetite statement outlines the bank’s willingness to take on risk to achieve its growth objectives. Both pillars are overseen by the risk committee of the company’s board of directors.  

Risk management frameworks were an important part of the International Organization for Standardization’s 31000 standard when it was first written in 2009 and have been updated since then. The standards provide universal guidelines for risk management programs.  

Risk management frameworks also resulted from the efforts of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The group was formed to fight corporate fraud and included risk management as a dimension. 

Once TD completes the ERM framework, the bank moves onto the risk appetite statement. 

The bank, which built a large U.S. presence through major acquisitions, determined that it will only take on risks that meet the following three criteria:

• The risk fits the company’s strategy, and TD can understand and manage those risks. 
• The risk does not render the bank vulnerable to significant loss from a single risk.
• The risk does not expose the company to potential harm to its brand and reputation. 

Some of the major risks the bank faces include strategic risk, credit risk, market risk, liquidity risk, operational risk, insurance risk, capital adequacy risk, regulator risk, and reputation risk. Managers detail these categories in a risk inventory. 

The risk framework and appetite statement, which are tracked on a dashboard against metrics such as capital adequacy and credit risk, are reviewed annually. 

TD uses a three lines of defense (3LOD) strategy, an approach widely favored by ERM experts, to guard against risk. The three lines are as follows:

• A business unit and corporate policies that create controls, as well as manage and monitor risk
• Standards and governance that provide oversight and review of risks and compliance with the risk appetite and framework 
• Internal audits that provide independent checks and verification that risk-management procedures are effective

Enterprise Risk Management Example in Pharmaceuticals

Drug companies’ risks include threats around product quality and safety, regulatory action, and consumer trust. To avoid these risks, ERM experts emphasize the importance of making sure that strategic goals do not conflict. 

For Britain’s GlaxoSmithKline, such a conflict led to a breakdown in risk management, among other issues. In the early 2000s, the company was striving to increase sales and profitability while also ensuring safe and effective medicines. One risk the company faced was a failure to meet current good manufacturing practices (CGMP) at its plant in Cidra, Puerto Rico. 

CGMP includes implementing oversight and controls of manufacturing, as well as managing the risk and confirming the safety of raw materials and finished drug products. Noncompliance with CGMP can result in escalating consequences, ranging from warnings to recalls to criminal prosecution. 

GSK’s unit pleaded guilty and paid $750 million in 2010 to resolve U.S. charges related to drugs made at the Cidra plant, which the company later closed. A fired GSK quality manager alerted regulators and filed a whistleblower lawsuit in 2004. In announcing the consent decree, the U.S. Department of Justice said the plant had a history of bacterial contamination and multiple drugs created there in the early 2000s violated safety standards.

According to the whistleblower, GSK’s ERM process failed in several respects to act on signs of non-compliance with CGMP. The company received warning letters from the U.S. Food and Drug Administration in 2001 about the plant’s practices, but did not resolve the issues. 

Additionally, the company didn’t act on the quality manager’s compliance report, which advised GSK to close the plant for two weeks to fix the problems and notify the FDA. According to court filings, plant staff merely skimmed rejected products and sold them on the black market. They also scraped by hand the inside of an antibiotic tank to get more product and, in so doing, introduced bacteria into the product.

Enterprise Risk Management Example in Consumer Packaged Goods

Mars Inc., an international candy and food company, developed an ERM process. The company piloted and deployed the initiative through workshops with geographic, product, and functional teams from 2003 to 2012. 

Driven by a desire to frame risk as an opportunity and to work within the company’s decentralized structure, Mars created a process that asked participants to identify potential risks and vote on which had the highest probability. The teams listed risk mitigation steps, then ranked and color-coded them according to probability of success. 

Larry Warner, a Mars risk officer at the time, illustrated this process in a case study . An initiative to increase direct-to-consumer shipments by 12 percent was colored green, indicating a 75 percent or greater probability of achievement. The initiative to bring a new plant online by the end of Q3 was coded red, meaning less than a 50 percent probability of success. 

The company’s results were hurt by a surprise at an operating unit that resulted from a so-coded red risk identified in a unit workshop. Executives had agreed that some red risk profile was to be expected, but they decided that when a unit encountered a red issue, it must be communicated upward when first identified. This became a rule. 

This process led to the creation of an ERM dashboard that listed initiatives in priority order, with the profile of each risk faced in the quarter, the risk profile trend, and a comment column for a year-end view. 

According to Warner, the key factors of success for ERM at Mars are as follows:

• The initiative focused on achieving operational and strategic objectives rather than compliance, which refers to adhering to established rules and regulations.
• The program evolved, often based on requests from business units, and incorporated continuous improvement. 
• The ERM team did not overpromise. It set realistic objectives.
• The ERM team periodically surveyed business units, management teams, and board advisers.

Enterprise Risk Management Example in Retail

Walmart is the world’s biggest retailer. As such, the company understands that its risk makeup is complex, given the geographic spread of its operations and its large number of stores, vast supply chain, and high profile as an employer and buyer of goods. 

In the 1990s, the company sought a simplified strategy for assessing risk and created an enterprise risk management plan with five steps founded on these four questions:

• What are the risks?
• What are we going to do about them?
• How will we know if we are raising or decreasing risk?
• How will we show shareholder value?

The process follows these five steps:

• Risk Identification: Senior Walmart leaders meet in workshops to identify risks, which are then plotted on a graph of probability vs. impact. Doing so helps to prioritize the biggest risks. The executives then look at seven risk categories (both internal and external): legal/regulatory, political, business environment, strategic, operational, financial, and integrity. Many ERM pros use risk registers to evaluate and determine the priority of risks. You can download templates that help correlate risk probability and potential impact in “ Free Risk Register Templates .”
• Risk Mitigation: Teams that include operational staff in the relevant area meet. They use existing inventory procedures to address the risks and determine if the procedures are effective.
• Action Planning: A project team identifies and implements next steps over the several months to follow.
• Performance Metrics: The group develops metrics to measure the impact of the changes. They also look at trends of actual performance compared to goal over time.
• Return on Investment and Shareholder Value: In this step, the group assesses the changes’ impact on sales and expenses to determine if the moves improved shareholder value and ROI.

To develop your own risk management planning, you can download a customizable template in “ Risk Management Plan Templates .”

Enterprise Risk Management Example in Agriculture

United Grain Growers (UGG), a Canadian grain distributor that now is part of Glencore Ltd., was hailed as an ERM innovator and became the subject of business school case studies for its enterprise risk management program. This initiative addressed the risks associated with weather for its business. Crop volume drove UGG’s revenue and profits. 

In the late 1990s, UGG identified its major unaddressed risks. Using almost a century of data, risk analysts found that extreme weather events occurred 10 times as frequently as previously believed. The company worked with its insurance broker and the Swiss Re Group on a solution that added grain-volume risk (resulting from weather fluctuations) to its other insured risks, such as property and liability, in an integrated program. 

The result was insurance that protected grain-handling earnings, which comprised half of UGG’s gross profits. The greater financial stability significantly enhanced the firm’s ability to achieve its strategic objectives. 

Since then, the number and types of instruments to manage weather-related risks has multiplied rapidly. For example, over-the-counter derivatives, such as futures and options, began trading in 1997. The Chicago Mercantile Exchange now offers weather futures contracts on 12 U.S. and international cities. 

Weather derivatives are linked to climate factors such as rainfall or temperature, and they hedge different kinds of risks than do insurance. These risks are much more common (e.g., a cooler-than-normal summer) than the earthquakes and floods that insurance typically covers. And the holders of derivatives do not have to incur any damage to collect on them.

These weather-linked instruments have found a wider audience than anticipated, including retailers that worry about freak storms decimating Christmas sales, amusement park operators fearing rainy summers will keep crowds away, and energy companies needing to hedge demand for heating and cooling.

This area of ERM continues to evolve because weather and crop insurance are not enough to address all the risks that agriculture faces. Arbol, Inc. estimates that more than $1 trillion of agricultural risk is uninsured. As such, it is launching a blockchain-based platform that offers contracts (customized by location and risk parameters) with payouts based on weather data. These contracts can cover risks associated with niche crops and small growing areas.

Enterprise Risk Management Example in Insurance

Switzerland’s Zurich Insurance Group understands that risk is inherent for insurers and seeks to practice disciplined risk-taking, within a predetermined risk tolerance. 

The global insurer’s enterprise risk management framework aims to protect capital, liquidity, earnings, and reputation. Governance serves as the basis for risk management, and the framework lays out responsibilities for taking, managing, monitoring, and reporting risks. 

The company uses a proprietary process called Total Risk Profiling (TRP) to monitor internal and external risks to its strategy and financial plan. TRP assesses risk on the basis of severity and probability, and helps define and implement mitigating moves. 

Zurich’s risk appetite sets parameters for its tolerance within the goal of maintaining enough capital to achieve an AA rating from rating agencies. For this, the company uses its own Zurich economic capital model, referred to as Z-ECM. The model quantifies risk tolerance with a metric that assesses risk profile vs. risk tolerance. 

To maintain the AA rating, the company aims to hold capital between 100 and 120 percent of capital at risk. Above 140 percent is considered overcapitalized (therefore at risk of throttling growth), and under 90 percent is below risk tolerance (meaning the risk is too high). On either side of 100 to 120 percent (90 to 100 percent and 120 to 140 percent), the insurer considers taking mitigating action. 

Zurich’s assessment of risk and the nature of those risks play a major role in determining how much capital regulators require the business to hold. A popular tool to assess risk is the risk matrix, and you can find a variety of templates in “ Free, Customizable Risk Matrix Templates .”

In 2020, Zurich found that its biggest exposures were market risk, such as falling asset valuations and interest-rate risk; insurance risk, such as big payouts for covered customer losses, which it hedges through diversification and reinsurance; credit risk in assets it holds and receivables; and operational risks, such as internal process failures and external fraud.

Enterprise Risk Management Example in Technology

Financial software maker Intuit has strengthened its enterprise risk management through evolution, according to a case study by former Chief Risk Officer Janet Nasburg. 

The program is founded on the following five core principles:

• Use a common risk framework across the enterprise.
• Assess risks on an ongoing basis.
• Focus on the most important risks.
• Clearly define accountability for risk management.
• Commit to continuous improvement of performance measurement and monitoring. 

ERM programs grow according to a maturity model, and as capability rises, the shareholder value from risk management becomes more visible and important. 

The maturity phases include the following:

• Ad hoc risk management addresses a specific problem when it arises.
• Targeted or initial risk management approaches risks with multiple understandings of what constitutes risk and management occurs in silos. 
• Integrated or repeatable risk management puts in place an organization-wide framework for risk assessment and response. 
• Intelligent or managed risk management coordinates risk management across the business, using common tools. 
• Risk leadership incorporates risk management into strategic decision-making. 

Intuit emphasizes using key risk indicators (KRIs) to understand risks, along with key performance indicators (KPIs) to gauge the effectiveness of risk management. 

Early in its ERM journey, Intuit measured performance on risk management process participation and risk assessment impact. For participation, the targeted rate was 80 percent of executive management and business-line leaders. This helped benchmark risk awareness and current risk management, at a time when ERM at the company was not mature.

Conduct an annual risk assessment at corporate and business-line levels to plot risks, so the most likely and most impactful risks are graphed in the upper-right quadrant. Doing so focuses attention on these risks and helps business leaders understand the risk’s impact on performance toward strategic objectives. 

In the company’s second phase of ERM, Intuit turned its attention to building risk management capacity and sought to ensure that risk management activities addressed the most important risks. The company evaluated performance using color-coded status symbols (red, yellow, green) to indicate risk trend and progress on risk mitigation measures.

In its third phase, Intuit moved to actively monitoring the most important risks and ensuring that leaders modified their strategies to manage risks and take advantage of opportunities. An executive dashboard uses KRIs, KPIs, an overall risk rating, and red-yellow-green coding. The board of directors regularly reviews this dashboard.

Over this evolution, the company has moved from narrow, tactical risk management to holistic, strategic, and long-term ERM.

Enterprise Risk Management Case Studies by Principle

ERM veterans agree that in addition to KPIs and KRIs, other principles are equally important to follow. Below, you’ll find examples of enterprise risk management programs by principles.

ERM Principle #1: Make Sure Your Program Aligns with Your Values

Raytheon Case Study U.S. defense contractor Raytheon states that its highest priority is delivering on its commitment to provide ethical business practices and abide by anti-corruption laws.

Raytheon backs up this statement through its ERM program. Among other measures, the company performs an annual risk assessment for each function, including the anti-corruption group under the Chief Ethics and Compliance Officer. In addition, Raytheon asks 70 of its sites to perform an anti-corruption self-assessment each year to identify gaps and risks. From there, a compliance team tracks improvement actions. 

Every quarter, the company surveys 600 staff members who may face higher anti-corruption risks, such as the potential for bribes. The survey asks them to report any potential issues in the past quarter.

Also on a quarterly basis, the finance and internal controls teams review higher-risk profile payments, such as donations and gratuities to confirm accuracy and compliance. Oversight and compliance teams add other checks, and they update a risk-based audit plan continuously.

ERM Principle #2: Embrace Diversity to Reduce Risk

State Street Global Advisors Case Study In 2016, the asset management firm State Street Global Advisors introduced measures to increase gender diversity in its leadership as a way of reducing portfolio risk, among other goals. 

The company relied on research that showed that companies with more women senior managers had a better return on equity, reduced volatility, and fewer governance problems such as corruption and fraud. 

Among the initiatives was a campaign to influence companies where State Street had invested, in order to increase female membership on their boards. State Street also developed an investment product that tracks the performance of companies with the highest level of senior female leadership relative to peers in their sector. 

In 2020, the company announced some of the results of its effort. Among the 1,384 companies targeted by the firm, 681 added at least one female director.

ERM Principle #3: Do Not Overlook Resource Risks

Infosys Case Study India-based technology consulting company Infosys, which employees more than 240,000 people, has long recognized the risk of water shortages to its operations. 

India’s rapidly growing population and development has increased the risk of water scarcity. A 2020 report by the World Wide Fund for Nature said 30 cities in India faced the risk of severe water scarcity over the next three decades. 

Infosys has dozens of facilities in India and considers water to be a significant short-term risk. At its campuses, the company uses the water for cooking, drinking, cleaning, restrooms, landscaping, and cooling. Water shortages could halt Infosys operations and prevent it from completing customer projects and reaching its performance objectives. 

In an enterprise risk assessment example, Infosys’ ERM team conducts corporate water-risk assessments while sustainability teams produce detailed water-risk assessments for individual locations, according to a report by the World Business Council for Sustainable Development .

The company uses the COSO ERM framework to respond to the risks and decide whether to accept, avoid, reduce, or share these risks. The company uses root-cause analysis (which focuses on identifying underlying causes rather than symptoms) and the site assessments to plan steps to reduce risks. 

Infosys has implemented various water conservation measures, such as water-efficient fixtures and water recycling, rainwater collection and use, recharging aquifers, underground reservoirs to hold five days of water supply at locations, and smart-meter usage monitoring. Infosys’ ERM team tracks metrics for per-capita water consumption, along with rainfall data, availability and cost of water by tanker trucks, and water usage from external suppliers. 

In the 2020 fiscal year, the company reported a nearly 64 percent drop in per-capita water consumption by its workforce from the 2008 fiscal year. 

The business advantages of this risk management include an ability to open locations where water shortages may preclude competitors, and being able to maintain operations during water scarcity, protecting profitability.

ERM Principle #4: Fight Silos for Stronger Enterprise Risk Management

U.S. Government Case Study The terrorist attacks of September 11, 2001, revealed that the U.S. government’s then-current approach to managing intelligence was not adequate to address the threats — and, by extension, so was the government’s risk management procedure. Since the Cold War, sensitive information had been managed on a “need to know” basis that resulted in data silos. 

In the case of 9/11, this meant that different parts of the government knew some relevant intelligence that could have helped prevent the attacks. But no one had the opportunity to put the information together and see the whole picture. A congressional commission determined there were 10 lost operational opportunities to derail the plot. Silos existed between law enforcement and intelligence, as well as between and within agencies. 

After the attacks, the government moved toward greater information sharing and collaboration. Based on a task force’s recommendations, data moved from a centralized network to a distributed model, and social networking tools now allow colleagues throughout the government to connect. Staff began working across agency lines more often.

Enterprise Risk Management Examples by Scenario

While some scenarios are too unlikely to receive high-priority status, low-probability risks are still worth running through the ERM process. Robust risk management creates a culture and response capacity that better positions a company to deal with a crisis.

In the following enterprise risk examples, you will find scenarios and details of how organizations manage the risks they face.

Scenario: ERM and the Global Pandemic While most businesses do not have the resources to do in-depth ERM planning for the rare occurrence of a global pandemic, companies with a risk-aware culture will be at an advantage if a pandemic does hit. 

These businesses already have processes in place to escalate trouble signs for immediate attention and an ERM team or leader monitoring the threat environment. A strong ERM function gives clear and effective guidance that helps the company respond.

A report by Vodafone found that companies identified as “future ready” fared better in the COVID-19 pandemic. The attributes of future-ready businesses have a lot in common with those of companies that excel at ERM. These include viewing change as an opportunity; having detailed business strategies that are documented, funded, and measured; working to understand the forces that shape their environments; having roadmaps in place for technological transformation; and being able to react more quickly than competitors. 

Only about 20 percent of companies in the Vodafone study met the definition of “future ready.” But 54 percent of these firms had a fully developed and tested business continuity plan, compared to 30 percent of all businesses. And 82 percent felt their continuity plans worked well during the COVID-19 crisis. Nearly 50 percent of all businesses reported decreased profits, while 30 percent of future-ready organizations saw profits rise. 

Scenario: ERM and the Economic Crisis  The 2008 economic crisis in the United States resulted from the domino effect of rising interest rates, a collapse in housing prices, and a dramatic increase in foreclosures among mortgage borrowers with poor creditworthiness. This led to bank failures, a credit crunch, and layoffs, and the U.S. government had to rescue banks and other financial institutions to stabilize the financial system.

Some commentators said these events revealed the shortcomings of ERM because it did not prevent the banks’ mistakes or collapse. But Sim Segal, an ERM consultant and director of Columbia University’s ERM master’s degree program, analyzed how banks performed on 10 key ERM criteria. 

Segal says a risk-management program that incorporates all 10 criteria has these characteristics: 

• Risk management has an enterprise-wide scope.
• The program includes all risk categories: financial, operational, and strategic. 
• The focus is on the most important risks, not all possible risks. 
• Risk management is integrated across risk types.
• Aggregated metrics show risk exposure and appetite across the enterprise.
• Risk management incorporates decision-making, not just reporting.
• The effort balances risk and return management.
• There is a process for disclosure of risk.
• The program measures risk in terms of potential impact on company value.
• The focus of risk management is on the primary stakeholder, such as shareholders, rather than regulators or rating agencies.

In his book Corporate Value of Enterprise Risk Management , Segal concluded that most banks did not actually use ERM practices, which contributed to the financial crisis. He scored banks as failing on nine of the 10 criteria, only giving them a passing grade for focusing on the most important risks. 

Scenario: ERM and Technology Risk  The story of retailer Target’s failed expansion to Canada, where it shut down 133 loss-making stores in 2015, has been well documented. But one dimension that analysts have sometimes overlooked was Target’s handling of technology risk. 

A case study by Canadian Business magazine traced some of the biggest issues to software and data-quality problems that dramatically undermined the Canadian launch. 

As with other forms of ERM, technology risk management requires companies to ask what could go wrong, what the consequences would be, how they might prevent the risks, and how they should deal with the consequences. 

But with its technology plan for Canada, Target did not heed risk warning signs. 

In the United States, Target had custom systems for ordering products from vendors, processing items at warehouses, and distributing merchandise to stores quickly. But that software would need customization to work with the Canadian dollar, metric system, and French-language characters. 

Target decided to go with new ERP software on an aggressive two-year timeline. As Target began ordering products for the Canadian stores in 2012, problems arose. Some items did not fit into shipping containers or on store shelves, and information needed for customs agents to clear imported items was not correct in Target's system. 

Target found that its supply chain software data was full of errors. Product dimensions were in inches, not centimeters; height and width measurements were mixed up. An internal investigation showed that only about 30 percent of the data was accurate. 

In an attempt to fix these errors, Target merchandisers spent a week double-checking with vendors up to 80 data points for each of the retailer’s 75,000 products. They discovered that the dummy data entered into the software during setup had not been altered. To make any corrections, employees had to send the new information to an office in India where staff would enter it into the system. 

As the launch approached, the technology errors left the company vulnerable to stockouts, few people understood how the system worked, and the point-of-sale checkout system did not function correctly. Soon after stores opened in 2013, consumers began complaining about empty shelves. Meanwhile, Target Canada distribution centers overflowed due to excess ordering based on poor data fed into forecasting software. 

The rushed launch compounded problems because it did not allow the company enough time to find solutions or alternative technology. While the retailer fixed some issues by the end of 2014, it was too late. Target Canada filed for bankruptcy protection in early 2015. 

Scenario: ERM and Cybersecurity System hacks and data theft are major worries for companies. But as a relatively new field, cyber-risk management faces unique hurdles.

For example, risk managers and information security officers have difficulty quantifying the likelihood and business impact of a cybersecurity attack. The rise of cloud-based software exposes companies to third-party risks that make these projections even more difficult to calculate. 

As the field evolves, risk managers say it’s important for IT security officers to look beyond technical issues, such as the need to patch a vulnerability, and instead look more broadly at business impacts to make a cost benefit analysis of risk mitigation. Frameworks such as the Risk Management Framework for Information Systems and Organizations by the National Institute of Standards and Technology can help.  

Health insurer Aetna considers cybersecurity threats as a part of operational risk within its ERM framework and calculates a daily risk score, adjusted with changes in the cyberthreat landscape. 

Aetna studies threats from external actors by working through information sharing and analysis centers for the financial services and health industries. Aetna staff reverse-engineers malware to determine controls. The company says this type of activity helps ensure the resiliency of its business processes and greatly improves its ability to help protect member information.

For internal threats, Aetna uses models that compare current user behavior to past behavior and identify anomalies. (The company says it was the first organization to do this at scale across the enterprise.) Aetna gives staff permissions to networks and data based on what they need to perform their job. This segmentation restricts access to raw data and strengthens governance. 

Another risk initiative scans outgoing employee emails for code patterns, such as credit card or Social Security numbers. The system flags the email, and a security officer assesses it before the email is released.

Examples of Poor Enterprise Risk Management

Case studies of failed enterprise risk management often highlight mistakes that managers could and should have spotted — and corrected — before a full-blown crisis erupted. The focus of these examples is often on determining why that did not happen. 

ERM Case Study: General Motors

In 2014, General Motors recalled the first of what would become 29 million cars due to faulty ignition switches and paid compensation for 124 related deaths. GM knew of the problem for at least 10 years but did not act, the automaker later acknowledged. The company entered a deferred prosecution agreement and paid a $900 million penalty. 

Pointing to the length of time the company failed to disclose the safety problem, ERM specialists say it shows the problem did not reside with a single department. “Rather, it reflects a failure to properly manage risk,” wrote Steve Minsky, a writer on ERM and CEO of an ERM software company, in Risk Management magazine. 

“ERM is designed to keep all parties across the organization, from the front lines to the board to regulators, apprised of these kinds of problems as they become evident. Unfortunately, GM failed to implement such a program, ultimately leading to a tragic and costly scandal,” Minsky said.

Also in the auto sector, an enterprise risk management case study of Toyota looked at its problems with unintended acceleration of vehicles from 2002 to 2009. Several studies, including a case study by Carnegie Mellon University Professor Phil Koopman , blamed poor software design and company culture. A whistleblower later revealed a coverup by Toyota. The company paid more than $2.5 billion in fines and settlements.

ERM Case Study: Lululemon

In 2013, following customer complaints that its black yoga pants were too sheer, the athletic apparel maker recalled 17 percent of its inventory at a cost of $67 million. The company had previously identified risks related to fabric supply and quality. The CEO said the issue was inadequate testing. 

Analysts raised concerns about the company’s controls, including oversight of factories and product quality. A case study by Stanford University professors noted that Lululemon’s episode illustrated a common disconnect between identifying risks and being prepared to manage them when they materialize. Lululemon’s reporting and analysis of risks was also inadequate, especially as related to social media. In addition, the case study highlighted the need for a system to escalate risk-related issues to the board. 

ERM Case Study: Kodak 

Once an iconic brand, the photo film company failed for decades to act on the threat that digital photography posed to its business and eventually filed for bankruptcy in 2012. The company’s own research in 1981 found that digital photos could ultimately replace Kodak’s film technology and estimated it had 10 years to prepare. 

Unfortunately, Kodak did not prepare and stayed locked into the film paradigm. The board reinforced this course when in 1989 it chose as CEO a candidate who came from the film business over an executive interested in digital technology. 

Had the company acknowledged the risks and employed ERM strategies, it might have pursued a variety of strategies to remain successful. The company’s rival, Fuji Film, took the money it made from film and invested in new initiatives, some of which paid off. Kodak, on the other hand, kept investing in the old core business.

Case Studies of Successful Enterprise Risk Management

Successful enterprise risk management usually requires strong performance in multiple dimensions, and is therefore more likely to occur in organizations where ERM has matured. The following examples of enterprise risk management can be considered success stories. 

ERM Case Study: Statoil 

A major global oil producer, Statoil of Norway stands out for the way it practices ERM by looking at both downside risk and upside potential. Taking risks is vital in a business that depends on finding new oil reserves. 

According to a case study, the company developed its own framework founded on two basic goals: creating value and avoiding accidents.

The company aims to understand risks thoroughly, and unlike many ERM programs, Statoil maps risks on both the downside and upside. It graphs risk on probability vs. impact on pre-tax earnings, and it examines each risk from both positive and negative perspectives. 

For example, the case study cites a risk that the company assessed as having a 5 percent probability of a somewhat better-than-expected outcome but a 10 percent probability of a significant loss relative to forecast. In this case, the downside risk was greater than the upside potential.

ERM Case Study: Lego 

The Danish toy maker’s ERM evolved over the following four phases, according to a case study by one of the chief architects of its program:

• Traditional management of financial, operational, and other risks. Strategic risk management joined the ERM program in 2006. 
• The company added Monte Carlo simulations in 2008 to model financial performance volatility so that budgeting and financial processes could incorporate risk management. The technique is used in budget simulations, to assess risk in its credit portfolio, and to consolidate risk exposure. 
• Active risk and opportunity planning is part of making a business case for new projects before final decisions.
• The company prepares for uncertainty so that long-term strategies remain relevant and resilient under different scenarios. 

As part of its scenario modeling, Lego developed its PAPA (park, adapt, prepare, act) model. 

• Park: The company parks risks that occur slowly and have a low probability of happening, meaning it does not forget nor actively deal with them.
• Adapt: This response is for risks that evolve slowly and are certain or highly probable to occur. For example, a risk in this category is the changing nature of play and the evolution of buying power in different parts of the world. In this phase, the company adjusts, monitors the trend, and follows developments.
• Prepare: This category includes risks that have a low probability of occurring — but when they do, they emerge rapidly. These risks go into the ERM risk database with contingency plans, early warning indicators, and mitigation measures in place.
• Act: These are high-probability, fast-moving risks that must be acted upon to maintain strategy. For example, developments around connectivity, mobile devices, and online activity are in this category because of the rapid pace of change and the influence on the way children play. 

Lego views risk management as a way to better equip itself to take risks than its competitors. In the case study, the writer likens this approach to the need for the fastest race cars to have the best brakes and steering to achieve top speeds.

ERM Case Study: University of California 

The University of California, one of the biggest U.S. public university systems, introduced a new view of risk to its workforce when it implemented enterprise risk management in 2005. Previously, the function was merely seen as a compliance requirement.

ERM became a way to support the university’s mission of education and research, drawing on collaboration of the system’s employees across departments. “Our philosophy is, ‘Everyone is a risk manager,’” Erike Young, deputy director of ERM told Treasury and Risk magazine. “Anyone who’s in a management position technically manages some type of risk.”

The university faces a diverse set of risks, including cybersecurity, hospital liability, reduced government financial support, and earthquakes.  

The ERM department had to overhaul systems to create a unified view of risk because its information and processes were not linked. Software enabled both an organizational picture of risk and highly detailed drilldowns on individual risks. Risk managers also developed tools for risk assessment, risk ranking, and risk modeling. 

Better risk management has provided more than $100 million in annual cost savings and nearly $500 million in cost avoidance, according to UC officials. 

UC drives ERM with risk management departments at each of its 10 locations and leverages university subject matter experts to form multidisciplinary workgroups that develop process improvements.

APQC, a standards quality organization, recognized UC as a top global ERM practice organization, and the university system has won other awards. The university says in 2010 it was the first nonfinancial organization to win credit-rating agency recognition of its ERM program.

Examples of How Technology Is Transforming Enterprise Risk Management

Business intelligence software has propelled major progress in enterprise risk management because the technology enables risk managers to bring their information together, analyze it, and forecast how risk scenarios would impact their business.

ERM organizations are using computing and data-handling advancements such as blockchain for new innovations in strengthening risk management. Following are case studies of a few examples.

ERM Case Study: Bank of New York Mellon 

In 2021, the bank joined with Google Cloud to use machine learning and artificial intelligence to predict and reduce the risk that transactions in the $22 trillion U.S. Treasury market will fail to settle. Settlement failure means a buyer and seller do not exchange cash and securities by the close of business on the scheduled date. 

The party that fails to settle is assessed a daily financial penalty, and a high level of settlement failures can indicate market liquidity problems and rising risk. BNY says that, on average, about 2 percent of transactions fail to settle.

The bank trained models with millions of trades to consider every factor that could result in settlement failure. The service uses market-wide intraday trading metrics, trading velocity, scarcity indicators, volume, the number of trades settled per hour, seasonality, issuance patterns, and other signals. 

The bank said it predicts about 40 percent of settlement failures with 90 percent accuracy. But it also cautioned against overconfidence in the technology as the model continues to improve. 

AI-driven forecasting reduces risk for BNY clients in the Treasury market and saves costs. For example, a predictive view of settlement risks helps bond dealers more accurately manage their liquidity buffers, avoid penalties, optimize their funding sources, and offset the risks of failed settlements. In the long run, such forecasting tools could improve the health of the financial market. 

ERM Case Study: PwC

Consulting company PwC has leveraged a vast information storehouse known as a data lake to help its customers manage risk from suppliers.

A data lake stores both structured or unstructured information, meaning data in highly organized, standardized formats as well as unstandardized data. This means that everything from raw audio to credit card numbers can live in a data lake. 

Using techniques pioneered in national security, PwC built a risk data lake that integrates information from client companies, public databases, user devices, and industry sources. Algorithms find patterns that can signify unidentified risks.

One of PwC’s first uses of this data lake was a program to help companies uncover risks from their vendors and suppliers. Companies can violate laws, harm their reputations, suffer fraud, and risk their proprietary information by doing business with the wrong vendor. 

Today’s complex global supply chains mean companies may be several degrees removed from the source of this risk, which makes it hard to spot and mitigate. For example, a product made with outlawed child labor could be traded through several intermediaries before it reaches a retailer. 

PwC’s service helps companies recognize risk beyond their primary vendors and continue to monitor that risk over time as more information enters the data lake.

ERM Case Study: Financial Services

As analytics have become a pillar of forecasting and risk management for banks and other financial institutions, a new risk has emerged: model risk . This refers to the risk that machine-learning models will lead users to an unreliable understanding of risk or have unintended consequences.

For example, a 6 percent drop in the value of the British pound over the course of a few minutes in 2016 stemmed from currency trading algorithms that spiralled into a negative loop. A Twitter-reading program began an automated selling of the pound after comments by a French official, and other selling algorithms kicked in once the currency dropped below a certain level.

U.S. banking regulators are so concerned about model risk that the Federal Reserve set up a model validation council in 2012 to assess the models that banks use in running risk simulations for capital adequacy requirements. Regulators in Europe and elsewhere also require model validation.

A form of managing risk from a risk-management tool, model validation is an effort to reduce risk from machine learning. The technology-driven rise in modeling capacity has caused such models to proliferate, and banks can use hundreds of models to assess different risks. 

Model risk management can reduce rising costs for modeling by an estimated 20 to 30 percent by building a validation workflow, prioritizing models that are most important to business decisions, and implementing automation for testing and other tasks, according to McKinsey.

Streamline Your Enterprise Risk Management Efforts with Real-Time Work Management in Smartsheet

Empower your people to go above and beyond with a flexible platform designed to match the needs of your team — and adapt as those needs change. 

The Smartsheet platform makes it easy to plan, capture, manage, and report on work from anywhere, helping your team be more effective and get more done. Report on key metrics and get real-time visibility into work as it happens with roll-up reports, dashboards, and automated workflows built to keep your team connected and informed. 

When teams have clarity into the work getting done, there’s no telling how much more they can accomplish in the same amount of time.  Try Smartsheet for free, today.

Discover why over 90% of Fortune 100 companies trust Smartsheet to get work done.

• Case Interview: A comprehensive guide
• Pyramid Principle
• Hypothesis driven structure
• Fit Interview
• Consulting math
• The key to landing your consulting job
• What is a case interview?
• Types of case interview
• How to solve cases with the Problem-Driven Structure?
• What to remember in case interviews
• Case examples or building blocks?
• How do I prepare for case interviews
• Interview day tips
• How we can help

1. The key to landing your consulting job.

Case interviews - where you are asked to solve a business case study under scrutiny - are the core of the selection process right across McKinsey, Bain and BCG (the “MBB” firms). This interview format is also used pretty much universally across other high-end consultancies; including LEK, Kearney, Oliver Wyman and the consulting wings of the “Big Four”.

If you want to land a job at any of these firms, you will have to ace multiple case interviews.

It is increasingly likely that you will also have to solve online cases given by chatbots. You might need to pass these either before making it to interview or be asked to sit them alongside first round interviews.

Importantly, case studies aren’t something you can just wing . Firms explicitly expect you to have thoroughly prepared and many of your competitors on interview day will have been prepping for months.

Don’t worry though - MCC is here to help!

This article will take you through a full overview of everything you’ll need to know to do well, linking to more detailed articles and resources at each stage to let you really drill down into the details.

As well as traditional case interviews, we’ll also attend to the new formats in which cases are being delivered and otherwise make sure you’re up to speed with recent trends in this overall part of consulting recruitment.

Before we can figure out how to prepare for a case interview, though, we will first have to properly understand in detail what exactly you are up against. What format does a standard consulting case interview take? What is expected of you? How will you be assessed?

Let's dive right in and find out!

Professional help

Before going further, if this sounds like a lot to get your head around on your own, don't worry - help is available!

Our Case Academy course gives you everything you need to know to crack cases like a pro:

Case Academy Course

To put what you learn into practice (and secure some savings in the process) you can add mock interview coaching sessions with expereinced MBB consultants:

Coaching options

And, if you just want an experienced consultant to take charge of the whole selection process for you, you can check out our comprehensive mentoring programmes:

Explore mentoring

Now, back to the article!

2. What is a case interview?

Before we can hope to tackle a case interview, we have to understand what one is.

In short, a case interview simulates real consulting work by having you solve a business case study in conversation with your interviewer.

This case study will be a business problem where you have to advise a client - that is, an imaginary business or similar organisation in need of guidance.

You must help this client solve a problem and/or make a decision. This requires you to analyse the information you are given about that client organisation and figure out a final recommendation for what they should do next.

Business problems in general obviously vary in difficulty. Some are quite straightforward and can be addressed with fairly standard solutions. However, consulting firms exist precisely to solve the tough issues that businesses have failed to deal with internally - and so consultants will typically work on complex, idiosyncratic problems requiring novel solutions.

Some examples of case study questions might be:

• How much would you pay for a banking licence in Ghana?
• Estimate the potential value of the electric vehicle market in Germany
• How much gas storage capacity should a UK domestic energy supplier build?

Consulting firms need the brightest minds they can find to put to work on these important, difficult projects. You can expect the case studies you have to solve in interview, then, to echo the unique, complicated problems consultancies deal with every day. As we’ll explain here, this means that you need to be ready to think outside the box to figure out genuinely novel solutions.

2.1. Where are case interviews in the consulting selection process?

Not everyone who applies to a consulting firm will have a case interview - far from it!

In fact, case interviews are pretty expensive and inconvenient for firms to host, requiring them to take consultants off active projects and even fly them back to the office from location for in-person interviews (although this happens less frequently now). Ideally, firms want to cut costs and save time by narrowing down the candidate pool as much as possible before any live interviews.

As such, there are some hoops to jump through before you make it to interview rounds.

Firms will typically eliminate as much as 80% of the applicant pool before interviews start . For most firms, 50%+ of applicants might be cut based on resumes, before a similar cut is made on those remaining based on aptitude tests. McKinsey currently gives their Solve assessment to most applicants, but will use their resulting test scores alongside resumes to cut 70%+ of the candidate pool before interviews.

You'll need to be on top of your game to get as far as a case interview with a top firm. Getting through the resume screen and any aptitude tests is an achievement in itself! Also we need to note that the general timeline of an application can differ depending on a series of factors, including which position you apply, your background, and the office you are applying to. For example, an undergraduate applying for a Business Analyst position (the entry level job at McKinsey) will most likely be part of a recruitment cycle and as such have pretty fixed dates when they need to sit the pre-screening test, and have the first and second round interviews (see more on those below). Conversely, an experienced hire will most likely have a much greater choice of test and interview dates as well as more time at their disposal to prepare.

For readers not yet embroiled in the selection process themselves, let’s put case interviews in context and take a quick look at each stage in turn. Importantly, note that you might also be asked to solve case studies outside interviews as well…

2.1.1. Application screen

It’s sometimes easy to forget that such a large cut is made at the application stage. At larger firms, this will mean your resume and cover letter is looked at by some combination of AI tools, recruitment staff and junior consulting staff (often someone from your own university).

Only the best applications will be passed to later stages, so make sure to check out our free resume and cover letter guides, and potentially get help with editing , to give yourself the best chance possible.

2.1.2. Aptitude tests and online cases

This part of the selection process has been changing quickly in recent years and is increasingly beginning to blur into the traditionally separate case interview rounds.

In the past, GMAT or PST style tests were the norm. Firms then used increasingly sophisticated and often gamified aptitude tests, like the Pymetrics test currently used by several firms, including BCG and Bain, and the original version of McKinsey’s Solve assessment (then branded as the Problem Solving Game).

Now, though, there is a move towards delivering relatively sophisticated case studies online. For example, McKinsey has replaced half the old Solve assessment with an online case. BCG’s Casey chatbot case now directly replaces a live first round case interview, and in the new era of AI chatbots, we expect these online cases to quickly become more realistic and increasingly start to relieve firms of some of the costs of live case interviews.

Our consultants collectively reckon that, over time, 50% of case interviews are likely to be replaced with these kinds of cases . We give some specific advice for online cases in section six. However, the important thing to note is that these are still just simulations of traditional case interviews - you still need to learn how to solve cases in precisely the same way, and your prep will largely remain the same.

2.1.3. Rounds of Interviews

Now, let’s not go overboard with talk of AI. Even in the long term, the client facing nature of consulting means that firms will have live case interviews for as long as they are hiring anyone. And in the immediate term, case interviews are still absolutely the core of consulting selection.

Before landing an offer at McKinsey, Bain, BCG or any similar firm, you won’t just have one case interview, but will have to complete four to six case interviews, usually divided into two rounds, with each interview lasting approximately 50-60 minutes .

Being invited to first round usually means two or three case interviews. As noted above, you might also be asked to complete an online case or similar alongside your first round interviews.

If you ace first round, you will be invited to second round to face the same again, but more gruelling. Only then - after up to six case interviews in total, can you hope to receive an offer.

2.2. Differences between first and second round interviews

Despite case interviews in the first and second round following the same format, second/final round interviews will be significantly more intense . The seniority of the interviewer, time pressure (with up to three interviews back-to-back), and the sheer value of the job at stake will likely make a second round consulting case interview one of the most challenging moments of your professional life.

There are three key differences between the two rounds:

• Time Pressure : Final round case interviews test your ability to perform under pressure, with as many as three interviews in a row and often only very small breaks between them.
• Focus : Since second round interviewers tend to be more senior (usually partners with 12+ years experience) and will be more interested in your personality and ability to handle challenges independently. Some partners will drill down into your experiences and achievements to the extreme. They want to understand how you react to challenges and your ability to identify and learn from past mistakes.
• Psychological Pressure: While case interviews in the first round are usually more focused on you simply cracking the case, second round interviewers often employ a "bad cop" strategy to test the way you react to challenges and uncertainty.

2.3. What skills do case interviews assess?

Reliably impressing your interviewers means knowing what they are looking for. This means understanding the skills you are being assessed against in some detail.

Overall, it’s important always to remember that, with case studies, there are no strict right or wrong answers. What really matters is how you think problems through, how confident you are with your conclusions and how quick you are with the back of the envelope arithmetic.

The objective of this kind of interview isn’t to get to one particular solution, but to assess your skillset. This is even true of modern online cases, where sophisticated AI algorithms score how you work as well as the solutions you generate.

If you visit McKinsey , Bain and BCG web pages on case interviews, you will find that the three firms look for very similar traits, and the same will be true of other top consultancies.

Broadly speaking, your interviewer will be evaluating you across five key areas:

2.1.1.One: Probing mind

Showing intellectual curiosity by asking relevant and insightful questions that demonstrate critical thinking and a proactive nature. For instance, if we are told that revenues for a leading supermarket chain have been declining over the last ten years, a successful candidate would ask:

“ We know revenues have declined. This could be due to price or volume. Do we know how they changed over the same period? ”

This is as opposed to a laundry list of questions like:

• Did customers change their preferences?
• Which segment has shown the decline in volume?
• Is there a price war in the industry?

2.1.2. Structure

Structure in this context means structuring a problem. This, in turn, means creating a framework - that is, a series of clear, sequential steps in order to get to a solution.

As with the case interview in general, the focus with case study structures isn’t on reaching a solution, but on how you get there.

This is the trickiest part of the case interview and the single most common reason candidates fail.

We discuss how to properly structure a case in more detail in section three. In terms of what your interviewer is looking for at high level, though, key pieces of your structure should be:

• Proper understanding of the objective of the case - Ask yourself: "What is the single crucial piece of advice that the client absolutely needs?"
• Identification of the drivers - Ask yourself: "What are the key forces that play a role in defining the outcome?"

Our Problem Driven Structure method, discussed in section three, bakes this approach in at a fundamental level. This is as opposed to the framework-based approach you will find in older case-solving

Focus on going through memorised sequences of steps too-often means failing to develop a full understanding of the case and the real key drivers.

At this link, we run through a case to illustrate the difference between a standard framework-based approach and our Problem Driven Structure method.

2.1.3. Problem Solving

You’ll be tested on your ability to identify problems and drivers, isolate causes and effects, demonstrate creativity and prioritise issues. In particular, the interviewer will look for the following skills:

• Prioritisation - Can you distinguish relevant and irrelevant facts?
• Connecting the dots - Can you connect new facts and evidence to the big picture?
• Establishing conclusions - Can you establish correct conclusions without rushing to inferences not supported by evidence?

2.1.4. Numerical Agility

In case interviews, you are expected to be quick and confident with both precise and approximated numbers. This translates to:

• Performing simple calculations quickly - Essential to solve cases quickly and impress clients with quick estimates and preliminary conclusions.
• Analysing data - Extract data from graphs and charts, elaborate and draw insightful conclusions.
• Solving business problems - Translate a real world case to a mathematical problem and solve it.

Our article on consulting math is a great resource here, though the extensive math content in our MCC Academy is the best and most comprehensive material available.

2.1.5. Communication

Real consulting work isn’t just about the raw analysis to come up with a recommendation - this then needs to be sold to the client as the right course of action.

Similarly, in a case interview, you must be able to turn your answer into a compelling recommendation. This is just as essential to impressing your interviewer as your structure and analysis.

Consultants already comment on how difficult it is to find candidates with the right communication skills. Add to this the current direction of travel, where AI will be able to automate more and more of the routine analytic side of consulting, and communication becomes a bigger and bigger part of what consultants are being paid for.

So, how do you make sure that your recommendations are relevant, smart, and engaging? The answer is to master what is known as CEO-level communication .

This art of speaking like a CEO can be quite challenging, as it often involves presenting information in effectively the opposite way to how you might normally.

To get it right, there are three key areas to focus on in your communications:

• Top down : A CEO wants to hear the key message first. They will only ask for more details if they think that will actually be useful. Always consider what is absolutely critical for the CEO to know, and start with that. You can read more in our article on the Pyramid Principle .
• Concise : This is not the time for "boiling the ocean" or listing an endless number possible solutions. CEOs, and thus consultants, want a structured, quick and concise recommendation for their business problem, that they can implement immediately.
• Fact-based : Consultants share CEOs' hatred of opinions based on gut feel rather than facts. They want recommendations based on facts to make sure they are actually in control. Always go on to back up your conclusions with the relevant facts.

Being concise and to the point is key in many areas, networking being one for them. For more detail on all this, check out our full article on delivering recommendations .

Prep the right way

3. types of case interview.

While most case interviews share a similar structure, firms will have some differences in the particular ways they like to do things in terms of both the case study and the fit component.

As we’ll see, these differences aren’t hugely impactful in terms of how you prepare. That said, it's always good to know as much as possible about what you will be going up against.

3.1. Different case objectives

A guiding thread throughout this article and our approach in general will be to treat each case as a self-contained problem and not try to pigeonhole it into a certain category. Having said that, there are of course similarities between cases and we can identify certain parameters and objectives.

Broadly speaking, cases can be divided into issue-based cases and strategic decision cases. In the former you will be asked to solve a certain issue, such as declining profits, or low productivity whereas in the latter you will be ask whether your client should or should not do something, such as enter a specific market or acquire another company. The chart below is a good breakdown of these different objectives:

3.2. How do interviewers craft cases

While interviewers will very likely be given a case bank to choose from by their company, a good number of them will also choose to adapt the cases they would currently be working on to a case interview setting. The difference is that the latter cases will be harder to pigeonhole and apply standard frameworks to, so a tailored approach will be paramount.

If you’ve applied for a specific practice or type of consulting - such as operational consulting, for example - it’s very likely that you will receive a case geared towards that particular area alongside a ‘generalist’ consulting case (however, if that’s the case, you will generally be notified). The other main distinction when it comes to case interviews is between interviewer-led and candidate-led.

3.3. Candidate-led cases

Most consulting case interview questions test your ability to crack a broad problem, with a case prompt often going something like:

" How much would you pay to secure the rights to run a restaurant in the British Museum? "

You, as a candidate, are then expected to identify your path to solve the case (that is, provide a structure), leveraging your interviewer to collect the data and test your assumptions.

This is known as a “candidate-led” case interview and is used by Bain, BCG and other firms. From a structuring perspective, it’s easier to lose direction in a candidate-led case as there are no sign-posts along the way. As such, you need to come up with an approach that is both broad enough to cover all of the potential drivers in a case but also tailored enough to the problem you are asked to solve. It’s also up to you to figure out when you need to delve deeper into a certain branch of the case, brainstorm or ask for data. The following case from Bain is an excellent example on how to navigate a candidate-led case.

3.4. Interviewer-led cases

This type of case - employed most famously by McKinsey - is slightly different, with the interviewer controlling the pace and direction of the conversation much more than with other case interviews.

At McKinsey, your interviewer will ask you a set of pre-determined questions, regardless of your initial structure. For each question, you will have to understand the problem, come up with a mini structure, ask for additional data (if necessary) and come to the conclusion that answers the question. This more structured format of case also shows up in online cases by other firms - notably including BCG’s Casey chatbot (with the amusing result that practising McKinsey-style cases can be a great addition when prepping for BCG).

Essentially, these interviewer-led case studies are large cases made up of lots of mini-cases. You still use basically the same method as you would for standard (or candidate-led) cases - the main difference is simply that, instead of using that method to solve one big case, you are solving several mini-cases sequentially. These cases are easier to follow as the interviewer will guide you in the right direction. However, this doesn’t mean you should pay less attention to structure and deliver a generic framework! Also, usually (but not always!) the first question will ask you to map your approach and is the equivalent of the structuring question in candidate-led cases. Sometimes, if you’re missing key elements, the interviewer might prompt you in the right direction - so make sure to take those prompts seriously as they are there to help you get back on track (ask for 30 seconds to think on the prompt and structure your approach). Other times - and this is a less fortunate scenario - the interviewer might say nothing and simply move on to the next question. This is why you should put just as much thought (if not more) into the framework you build for interviewer-led cases , as you may be penalized if you produce something too generic or that doesn’t encompass all the issues of the case.

3.5. Case and fit

The standard case interview can be thought of as splitting into two standalone sub-interviews. Thus “case interviews” can be divided into the case study itself and a “fit interview” section, where culture fit questions are asked.

This can lead to a bit of confusion, as the actual case interview component might take up as little as half of your scheduled “case interview”. You need to make sure you are ready for both aspects.

To illustrate, here is the typical case interview timeline:

• First 15-30 minutes: Fit Interview - with questions assessing your motivation to be a consultant in that specific firm and your traits around leadership and teamwork. Learn more about the fit interview in our in-depth article here .
• Next 30-40 minutes: Case Interview - solving a case study
• Last 5 minutes: Fit Interview again - this time focussing on your questions for your interviewer.

Both the Case and Fit interviews play crucial roles in the finial hiring decision. There is no “average” taken between case and fit interviews: if your performance is not up to scratch in either of the two, you will not be able to move on to the next interview round or get an offer.

NB: No case without fit

Note that, even if you have only been told you are having a case interview or otherwise are just doing a case study, always be prepared to answer fit questions. At most firms, it is standard practice to include some fit questions in all case interviews, even if there are also separate explicit fit interviews, and interviewers will almost invariably include some of these questions around your case. This is perfectly natural - imagine how odd and artificial it would be to show up to an interview, simply do a case and leave again, without talking about anything else with the interviewer before or after.

3.5.1 Differences between firms

For the most part, a case interview is a case interview. However, firms will have some differences in the particular ways they like to do things in terms of both the case study and the fit component.

3.5.2. The McKinsey PEI

McKinsey brands its fit aspect of interviews as the Personal Experience Interview or PEI. Despite the different name, this is really much the same interview you will be going up against in Bain, BCG and any similar firms.

McKinsey does have a reputation for pushing candidates a little harder with fit or PEI questions , focusing on one story per interview and drilling down further into the specific details each time. We discuss this tendency more in our fit interview article . However, no top end firm is going to go easy on you and you should absolutely be ready for the same level of grilling at Bain, BCG and others. Thus any difference isn’t hugely salient in terms of prep.

3.6. What is different in 2023?

For the foreseeable future, you are going to have to go through multiple live case interviews to secure any decent consulting job. These might increasingly happen via Zoom rather than in person, but they should remain largely the same otherwise.

However, things are changing and the rise of AI in recent months seems pretty much guaranteed to accelerate existing trends.

Even before the explosive development of AI chatbots like ChatGPT we have seen in recent months, automation was already starting to change the recruitment process.

As we mentioned, case interviews are expensive and inconvenient for firms to run . Ideally, then, firms will try to reduce the number of interviews required for recruitment as far as possible. For many years, tests of various kinds served to cut down the applicant pool and thus the number of interviews. However, these tests had a limited capacity to assess candidates against the full consulting skillset in the way that case interviews do so well.

More recently, though, the development of online testing has allowed for more and more advanced assessments. Top consulting firms have been leveraging screening tests that better and better capture the same skillset as case interviews. Eventually this is converging on automated case studies. We see this very clearly with the addition of the Redrock case to McKinsey’s Solve assessment.

As these digital cases become closer to the real thing, the line between test and case interview blurs. Online cases don’t just reduce the number of candidates to case interview, but start directly replacing them.

Case in point here is BCG’s Casey chatbot . Previously, BCG had deployed less advanced online cases and similar tests to weed out some candidates before live case interviews began. Now, though, Casey actually replaces one first round case interview.

Casey, at time of writing, is still a relatively “basic” chatbot, basically running through a pre-set script. The Whatsapp-like interface does a lot of work to make it feel like one is chatting to a “real person” - the chatbot itself, though, cannot provide feedback or nudges to candidates as would a human interviewer.

We fully expect that, as soon as BCG and other firms can train a truer AI, these online cases will become more widespread and start replacing more live interviews.

We discuss the likely impacts of advanced AI on consulting recruitment and the industry more broadly in our blog.

Here, though, the real message is that you should expect to run into digital cases as well as traditional case interviews.

Luckily, despite any changes in specific case interview format, you will still need to master the same fundamental skills and prepare in much the same way.

We’ll cover a few ways to help prepare for chatbot cases in section four. Ultimately, though, firms are looking for the same problem solving ability and mindset as a real interviewer. Especially as chatbots get better at mimicking a real interviewer, candidates who are well prepared for case cracking in general should have no problem with AI administered cases.

3.6.1. Automated fit interviews

Analogous to online cases, in recent years there has been a trend towards automated, “one way” fit interviews, with these typically being administered for consultancies by specialist contractors like HireVue or SparkHire.

These are kind of like Zoom interviews, but if the interviewer didn’t show up. Instead you will be given fit questions to answer and must record your answer in your computer webcam. Your response will then go on to be assessed by an algorithm, scoring both what you say and how you say it.

Again, with advances in AI, it is easy to imagine these automated case interviews going from fully scripted interactions, where all candidates are asked the same list of questions, to a more interactive experience. Thus, we might soon arrive at a point where you are being grilled on the details of your stories - McKinsey PEI style - but by a bot rather than a human.

We include some tips on this kind of “one way” fit interview in section six here.

4. How to solve cases with the Problem-Driven Structure?

If you look around online for material on how to solve case studies, a lot of what you find will set out framework-based approaches. However, as we have mentioned, these frameworks tend to break down with more complex, unique cases - with these being exactly the kind of tough case studies you can expect to be given in your case interviews.

To address this problem, the MyConsultingCoach team has synthesized a new approach to case cracking that replicates how top management consultants approach actual engagements.

MyConsultingCoach’s Problem Driven Structure approach is a universal problem solving method that can be applied to any business problem , irrespective of its nature.

As opposed to just selecting a generic framework for each case interview, the Problem Driven Structure approach works by generating a bespoke structure for each individual question and is a simplified version of the roadmap McKinsey consultants use when working on engagements.

The canonical seven steps from McKinsey on real projects are simplified to four for case interview questions, as the analysis required for a six-month engagement is somewhat less than that needed for a 45-minute case study. However, the underlying flow is the same (see the method in action in the video below)

Let's zoom in to see how our method actually works in more detail:

4.1. Identify the problem

Identifying the problem means properly understanding the prompt/question you are given, so you get to the actual point of the case.

This might sound simple, but cases are often very tricky, and many candidates irretrievably mess things up within the first few minutes of starting. Often, they won’t notice this has happened until they are getting to the end of their analysis. Then, they suddenly realise that they have misunderstood the case prompt - and have effectively been answering the wrong question all along!

With no time to go back and start again, there is nothing to do. Even if there were time, making such a silly mistake early on will make a terrible impression on their interviewer, who might well have written them off already. The interview is scuppered and all the candidate’s preparation has been for nothing.

This error is so galling as it is so readily avoidable.

Our method prevents this problem by placing huge emphasis on a full understanding of the case prompt. This lays the foundations for success as, once we have identified the fundamental, underlying problem our client is facing, we focus our whole analysis around finding solutions to this specific issue.

Now, some case interview prompts are easy to digest. For example, “Our client, a supermarket, has seen a decline in profits. How can we bring them up?”. However, many of the prompts given in interviews for top firms are much more difficult and might refer to unfamiliar business areas or industries. For example, “How much would you pay for a banking license in Ghana?” or “What would be your key areas of concern be when setting up an NGO?”

Don’t worry if you have no idea how you might go about tackling some of these prompts!

In our article on identifying the problem and in our full lesson on the subject in our MCC Academy course, we teach a systematic, four step approach to identifying the problem , as well as running through common errors to ensure you start off on the right foot every time!

This is summarised here:

Following this method lets you excel where your competitors mess up and get off to a great start in impressing your interviewer!

4.2. Build your problem driven structure

After you have properly understood the problem, the next step is to successfully crack a case is to draw up a bespoke structure that captures all the unique features of the case.

This is what will guide your analysis through the rest of the case study and is precisely the same method used by real consultants working on real engagements.

Of course, it might be easier here to simply roll out one an old-fashioned framework, and a lot of candidates will do so. This is likely to be faster at this stage and requires a lot less thought than our problem-driven structure approach.

However, whilst our problem driven structure approach requires more work from you, our method has the advantage of actually working in the kind of complex case studies where generic frameworks fail - that is exactly the kind of cases you can expect at an MBB interview .

Since we effectively start from first principles every time, we can tackle any case with the same overarching method. Simple or complex, every case is the same to you and you don’t have to gamble a job on whether a framework will actually work

4.2.1 Issue trees

Issue trees break down the overall problem into a set of smaller problems that you can then solve individually. Representing this on a diagram also makes it easy for both you and your interviewer to keep track of your analysis.

To see how this is done, let’s look at the issue tree below breaking down the revenues of an airline:

These revenues can be segmented as the number of customers multiplied by the average ticket price. The number of customers can be further broken down into a number of flights multiplied by the number of seats, times average occupancy rate. The node corresponding to the average ticket price can then be segmented further.

4.2.2 Hypothesis trees

Hypothesis trees are similar, the only difference being that rather than just trying to break up the issue into smaller issues you are assuming that the problem can be solved and you are formulating solutions.

In the example above, you would assume revenues can be increased by either increasing the average ticket price or the number of customers . You can then hypothesize that you can increase the average occupancy rate in three ways: align the schedule of short and long haul flights, run a promotion to boost occupancy in off-peak times, or offer early bird discounts.

4.2.3 Other structures:structured lists

Structured lists are simply subcategories of a problem into which you can fit similar elements. This McKinsey case answer starts off by identifying several buckets such as retailer response, competitor response, current capabilities and brand image and then proceeds to consider what could fit into these categories.

Buckets can be a good way to start the structure of a complex case but when using them it can be very difficult to be MECE and consistent, so you should always aim to then re-organize them into either an issue or a hypothesis tree.

It is worth noting that the same problem can be structured in multiple valid ways by choosing different means to segment the key issues. Ultimately all these lists are methods to set out a logical hierachy among elements.

4.2.4 Structures in practice

That said, not all valid structures are equally useful in solving the underlying problem. A good structure fulfils several requirements - including MECE-ness , level consistency, materiality, simplicity, and actionability. It’s important to put in the time to master segmentation, so you can choose a scheme isn’t only valid, but actually useful in addressing the problem.

After taking the effort to identify the problem properly, an advantage of our method is that it will help ensure you stay focused on that same fundamental problem throughout. This might not sound like much, but many candidates end up getting lost in their own analysis, veering off on huge tangents and returning with an answer to a question they weren’t asked.

Another frequent issue - particularly with certain frameworks - is that candidates finish their analysis and, even if they have successfully stuck to the initial question, they have not actually reached a definite solution. Instead, they might simply have generated a laundry list of pros and cons, with no clear single recommendation for action.

Clients employ consultants for actionable answers, and this is what is expected in the case interview. The problem driven structure excels in ensuring that everything you do is clearly related back to the key question in a way that will generate a definitive answer. Thus, the problem driven structure builds in the hypothesis driven approach so characteristic of real consulting practice.

You can learn how to set out your own problem driven structures in our article here and in our full lesson in the MCC Academy course.

4.2. Lead the analysis

A problem driven structure might ensure we reach a proper solution eventually, but how do we actually get there?

We call this step " leading the analysis ", and it is the process whereby you systematically navigate through your structure, identifying the key factors driving the issue you are addressing.

Generally, this will mean continuing to grow your tree diagram, further segmenting what you identify as the most salient end nodes and thus drilling down into the most crucial factors causing the client’s central problem.

Once you have gotten right down into the detail of what is actually causing the company’s issues, solutions can then be generated quite straightforwardly.

To see this process in action, we can return to our airline revenue example:

Let’s say we discover the average ticket price to be a key issue in the airline’s problems. Looking closer at the drivers of average ticket price, we find that the problem lies with economy class ticket prices. We can then further segment that price into the base fare and additional items such as food.

Having broken down the issue to such a fine-grained level and considering the 80/20 rule(see below), solutions occur quite naturally. In this case, we can suggest incentivising the crew to increase onboard sales, improving assortment in the plane, or offering discounts for online purchases.

Our article on leading the analysis is a great primer on the subject, with our video lesson in the MCC Academy providing the most comprehensive guide available.

4.4. Provide recommendations

So you have a solution - but you aren’t finished yet!

Now, you need to deliver your solution as a final recommendation.

This should be done as if you are briefing a busy CEO and thus should be a one minute, top-down, concise, structured, clear, and fact-based account of your findings.

The brevity of the final recommendation belies its importance. In real life consulting, the recommendation is what the client has potentially paid millions for - from their point of view, it is the only thing that matters.

In a case interview, your performance in this final summing up of your case is going to significantly colour your interviewer’s parting impression of you - and thus your chances of getting hired!

So, how do we do it right?

Barbara Minto's Pyramid Principle elegantly sums up almost everything required for a perfect recommendation. The answer comes first , as this is what is most important. This is then supported by a few key arguments , which are in turn buttressed by supporting facts .

Across the whole recommendation, the goal isn’t to just summarise what you have done. Instead, you are aiming to synthesize your findings to extract the key "so what?" insight that is useful to the client going forward.

All this might seem like common sense, but it is actually the opposite of how we relay results in academia and other fields. There, we typically move from data, through arguments and eventually to conclusions. As such, making good recommendations is a skill that takes practice to master.

We can see the Pyramid Principle illustrated in the diagram below:

To supplement the basic Pyramid Principle scheme, we suggest candidates add a few brief remarks on potential risks and suggested next steps . This helps demonstrate the ability for critical self-reflection and lets your interviewer see you going the extra mile.

The combination of logical rigour and communication skills that is so definitive of consulting is particularly on display in the final recommendation.

Despite it only lasting 60 seconds, you will need to leverage a full set of key consulting skills to deliver a really excellent recommendation and leave your interviewer with a good final impression of your case solving abilities.

Our specific article on final recommendations and the specific video lesson on the same topic within our MCC Academy are great, comprehensive resources. Beyond those, our lesson on consulting thinking and our articles on MECE and the Pyramid Principle are also very useful.

4.5. What if I get stuck?

Naturally with case interviews being difficult problems there may be times where you’re unsure what to do or which direction to take. The most common scenario is that you will get stuck midway through the case and there are essentially two things that you should do:

• 1. Go back to your structure
• 2. Ask the interviewer for clarification

Your structure should always be your best friend - after all, this is why you put so much thought and effort into it: if it’s MECE it will point you in the right direction. This may seem abstract but let’s take the very simple example of a profitability case interview: if you’ve started your analysis by segmenting profit into revenue minus costs and you’ve seen that the cost side of the analysis is leading you nowhere, you can be certain that the declining profit is due to a decline in revenue.

Similarly, when you’re stuck on the quantitative section of the case interview, make sure that your framework for calculations is set up correctly (you can confirm this with the interviewer) and see what it is you’re trying to solve for: for example if you’re trying to find what price the client should sell their new t-shirt in order to break even on their investment, you should realize that what you’re trying to find is the break even point, so you can start by calculating either the costs or the revenues. You have all the data for the costs side and you know they’re trying to sell 10.000 pairs so you can simply set up the equation with x being the price.

As we’ve emphasised on several occasions, your case interview will be a dialogue. As such, if you don’t know what to do next or don’t understand something, make sure to ask the interviewer (and as a general rule always follow their prompts as they are trying to help, not trick you). This is especially true for the quantitative questions, where you should really understand what data you’re looking at before you jump into any calculations. Ideally you should ask your questions before you take time to formulate your approach but don’t be afraid to ask for further clarification if you really can’t make sense of what’s going on. It’s always good to walk your interviewer through your approach before you start doing the calculations and it’s no mistake to make sure that you both have the same understanding of the data. For example when confronted with the chart below, you might ask what GW (in this case gigawatt) means from the get-go and ask to confirm the different metrics (i.e. whether 1 GW = 1000 megawatts). You will never be penalised for asking a question like that.

5. What to remember in case interviews

If you’re new to case cracking you might feel a bit hopeless when you see a difficult case question, not having any idea where to start.

In fact though, cracking case interviews is much like playing chess. The rules you need to know to get started are actually pretty simple. What will make you really proficient is time and practice.

In this section, we’ll run through a high level overview of everything you need to know, linking to more detailed resources at every step.

5.1. An overall clear structure

You will probably hear this more than you care for but it is the most important thing to keep in mind as you start solving cases, as not only it is a key evaluation criterion but the greatest tool you will have at your disposal. The ability to build a clear structure in all aspects of the case inteview will be the difference between breezing through a complicated case and struggling at its every step. Let’s look a bit closer at the key areas where you should be structured!

5.1.1 Structured notes

Every case interview starts with a prompt, usually verbal, and as such you will have to take some notes. And here is where your foray into structure begins, as the notes you take should be clear, concise and structured in a way that will allow you to repeat the case back to the interviewer without writing down any unnecessary information.

This may sound very basic but you should absolutely not be dismissive about it: taking clear and organized notes will allow what we found helps is to have separate sections for:

• The case brief
• Follow-up questions and answers
• Numerical data
• Case structure (the most crucial part when solving the case)
• Any scrap work during the case (usually calculations)

When solving the case - or, as we call it here, in the Lead the analysis step, it is highly recommended to keep on feeding and integrating your structure, so that you never get lost. Maintaining a clear high level view is one of the most critical aspects in case interviews as it is a key skill in consulting: by constantly keeping track of where you are following your structure, you’ll never lose your focus on the end goal.

In the case of an interviewer-led case, you can also have separate sheets for each question (e.g. Question 1. What factors can we look at that drive profitability?). If you develop a system like this you’ll know exactly where to look for each point of data rather than rummage around in untidy notes. There are a couple more sections that you may have, depending on preference - we’ll get to these in the next sections.

5.1.2 Structured communication

There will be three main types of communication in cases:

• 1. Asking and answering questions
• 2. Walking the interviewer through your structure (either the case or calculation framework - we’ll get to that in a bit!)
• 3. Delivering your recommendation

Asking and answering questions will be the most common of these and the key thing to do before you speak is ask for some time to collect your thoughts and get organised. What you want to avoid is a ‘laundry list’ of questions or anything that sounds too much like a stream of consciousness.

Different systems work for different candidates but a sure-fire way of being organised is numbering your questions and answers. So rather than saying something like ‘I would like to ask about the business model, operational capacity and customer personas’ it’s much better to break it down and say something along the lines of ‘I’ve got three key questions. Firstly I would like to inquire into the business model of our client. Secondly I would like to ask about their operational capacity. Thirdly I would like to know more about the different customer personas they are serving’.

A similar principle should be applied when walking the interviewer through your structure, and this is especially true of online case interviews (more and more frequent now) when the interviewer can’t see your notes. Even if you have your branches or buckets clearly defined, you should still use a numbering system to make it obvious to the interviewer. So, for example, when asked to identify whether a company should make an acquisition, you might say ‘I would like to examine the following key areas. Firstly the financial aspects of this issue, secondly the synergies and thirdly the client’s expertise’

The recommendation should be delivered top-down (see section 4.4 for specifics) and should employ the same numbering principle. To do so in a speedy manner, you should circle or mark the key facts that you encounter throughout the case so you can easily pull them out at the end.

5.1.3 Structured framework

It’s very important that you have a systematic approach - or framework - for every case. Let’s get one thing straight: there is a difference between having a problem-solving framework for your case and trying to force a case into a predetermined framework. Doing the former is an absolute must , whilst doing the latter will most likely have you unceremoniously dismissed.

We have seen there are several ways of building a framework, from identifying several categories of issues (or ‘buckets’) to building an issue or hypothesis tree (which is the most efficient type of framework). For the purpose of organization, we recommend having a separate sheet for the framework of the case, or, if it’s too much to manage, you can have it on the same sheet as the initial case prompt. That way you’ll have all the details as well as your proposed solution in one place.

5.1.4 Structured calculations

Whether it’s interviewer or candidate-led, at some point in the case you will get a bunch of numerical data and you will have to perform some calculations (for the specifics of the math you’ll need on consulting interviews, have a look at our Consulting Math Guide ). Here’s where we urge you to take your time and not dive straight into calculating! And here’s why: while your numerical agility is sure to impress interviewers, what they’re actually looking for is your logic and the calculations you need to perform in order to solve the problem . So it’s ok if you make a small mistake, as long as you’re solving for the right thing.

As such, make it easy for them - and yourself. Before you start, write down in steps the calculations you need to perform. Here’s an example: let’s say you need to find out by how much profits will change if variable costs are reduced by 10%. Your approach should look something like:

• 1. Calculate current profits: Profits = Revenues - (Variable costs + Fixed costs)
• 2. Calculate the reduction in variable costs: Variable costs x 0.9
• 3. Calculate new profits: New profits = Revenues - (New variable costs + Fixed costs)

Of course, there may be more efficient ways to do that calculation, but what’s important - much like in the framework section - is to show your interviewer that you have a plan, in the form of a structured approach. You can write your plan on the sheet containing the data, then perform the calculations on a scrap sheet and fill in the results afterward.

5.2. Common business knowledge and formulas

Although some consulting firms claim they don’t evaluate candidates based on their business knowledge, familiarity with basic business concepts and formulae is very useful in terms of understanding the case studies you are given in the first instance and drawing inspiration for structuring and brainstorming.

If you are coming from a business undergrad, an MBA or are an experienced hire, you might well have this covered already. For those coming from a different background, it may be useful to cover some.

Luckily, you don’t need a degree-level understanding of business to crack case interviews , and a lot of the information you will pick up by osmosis as you read through articles like this and go through cases.

However, some things you will just need to sit down and learn. We cover everything you need to know in some detail in our Case Academy Course course. However, some examples here of things you need to learn are:

• Basic accounting (particularly how to understand all the elements of a balance sheet)
• Basic economics
• Basic marketing
• Basic strategy

Below we include a few elementary concepts and formulae so you can hit the ground running in solving cases. We should note that you should not memorise these and indeed a good portion of them can be worked out logically, but you should have at least some idea of what to expect as this will make you faster and will free up much of your mental computing power. In what follows we’ll tackle concepts that you will encounter in the private business sector as well as some situations that come up in cases that feature clients from the NGO or governmental sector.

5.2.1 Business sector concepts

These concepts are the bread and butter of almost any business case so you need to make sure you have them down. Naturally, there will be specificities and differences between cases but for the most part here is a breakdown of each of them.

5.2.1.1. Revenue

The revenue is the money that the company brings in and is usually equal to the number of products they sell multiplied to the price per item and can be expressed with the following equation:

Revenue = Volume x Price

Companies may have various sources of revenue or indeed multiple types of products, all priced differently which is something you will need to account for in your case interview. Let’s consider some situations. A clothing company such as Nike will derive most of their revenue from the number of products they sell times the average price per item. Conversely, for a retail bank revenue is measured as the volume of loans multiplied by the interest rate at which the loans are given out. As we’ll see below, we might consider primary revenues and ancillary revenues: in the case of a football club, we might calculate primary revenues by multiplying the number of tickets sold by the average ticket price, and ancillary revenues those coming from sales of merchandise (similarly, let’s say average t-shirt price times the number of t-shirts sold), tv rights and sponsorships.

These are but a few examples and another reminder that you should always aim to ask questions and understand the precise revenue structure of the companies you encounter in cases.

5.2.1.2. Costs

The costs are the expenses that a company incurs during its operations. Generally, they can be broken down into fixed and variable costs :

Costs = Fixed Costs + Variable Costs

As their name implies, fixed costs do not change based on the number of units produced or sold. For example, if you produce shoes and are renting the space for your factory, you will have to pay the rent regardless of whether you produce one pair or 100. On the other hand, variable costs depend on the level of activity, so in our shoe factory example they would be equivalent to the materials used to produce each pair of shoes and would increase the more we produce.

These concepts are of course guidelines used in order to simplify the analysis in cases, and you should be aware that in reality often the situation can be more complicated. However, this should be enough for case interviews. Costs can also be quasi-fixed, in that they increase marginally with volume. Take the example of a restaurant which has a regular staff, incurring a fixed cost but during very busy hours or periods they also employ some part-time workers. This cost is not exactly variable (as it doesn’t increase with the quantity of food produced) but also not entirely fixed, as the number of extra hands will depend on how busy the restaurant is. Fixed costs can also be non-linear in nature. Let’s consider the rent in the same restaurant: we would normally pay a fixed amount every month, but if the restaurant becomes very popular we might need to rent out some extra space so the cost will increase. Again, this is not always relevant for case interviews.

5.2.1.3. Profit and profit margin

The profit is the amount of money a company is left with after it has paid all of its expenses and can be expressed as follows:

Profit = Revenue - Costs

It’s very likely that you will encounter a profitability issue in one of your case interviews, namely you will be asked to increase a company’s profit. There are two main ways of doing this: increasing revenues and reducing costs , so these will be the two main areas you will have to investigate. This may seem simple but what you will really need to understand in a case are the key drivers of a business (and this should be done through clarifying questions to the interviewer - just as a real consultant would question their client).

For example, if your client is an airline you can assume that the main source of revenue is sales of tickets, but you should inquire how many types of ticket the specific airline sells. You may naturally consider economy and business class tickets, but you may find out that there is a more premium option - such as first class - and several in-between options. Similarly to our football club example, there may be ancillary revenues from selling of food and beverage as well as advertising certain products or services on flights.

You may also come across the profit margin in case interviews. This is simply the percentage of profit compared to the revenue and can be expressed as follows:

Profit margin = Profit/Revenue x 100

5.2.1.4. Break-even point

An ancillary concept to profit, the break-even point is the moment where revenues equal costs making the profit zero and can be expressed as the following equation:

Revenues = Costs (Fixed costs + Variable costs)

This formula will be useful when you are asked questions such as ‘What is the minimum price I should sell product X?’ or ‘What quantity do I need to sell in order to recoup my investment?’. Let’s say in a case interview an owner of a sandwich store asks us to figure out how many salami and cheese salami sandwiches she needs to sell in order to break even. She’s spending $4 on salami and $2 for cheese and lettuce per sandwich, and believes she can sell the sandwiches at around $7. The cost of utilities and personnel is around $5000 per month. We could lay this all out in the break-even equation:

7 x Q ( quantity ) = (4+2) x Q + 5000 ( variable + fixed costs )

In a different scenario, we may be asked to calculate the break-even price . Let’s consider our sandwich example and say our owner knows she has enough ingredients for about 5000 sandwiches per month but is not sure how much to sell them for. In that case, if we know our break-even equation, we can simply make the following changes:

P ( price ) x 5000 = (4+2) x 5000 + 5000

By solving the equation we get to the price of $7 per sandwich.

5.2.1.5. Market share and market size

We can also consider the market closely with profit, as in fact the company’s performance in the market is what drives profits. The market size is the total number of potential customers for a certain business or product, whereas the market share is the percentage of that market that your business controls (or could control, depending on the case).

There is a good chance you will have to estimate the market size in one of your case interviews and we get into more details on how to do that below. You may be asked to estimate this in either number of potential customers or total value . The latter simply refers to the number of customers multiplied by the average value of the product or service.

To calculate the market share you will have to divide the company’s share by the total market size and multiply by 100:

Note, though, that learning the very basics of business is the beginning rather than the end of your journey. Once you are able to “speak business” at a rudimentary level, you should try to “become fluent” and immerse yourself in reading/viewing/listening to as wide a variety of business material as possible, getting a feel for all kinds of companies and industries - and especially the kinds of problems that can come up in each context and how they are solved. The material put out by the consulting firms themselves is a great place to start, but you should also follow the business news and find out about different companies and sectors as much as possible between now and interviews. Remember, if you’re going to be a consultant, this should be fun rather than a chore!

5.3 Public sector and NGO concepts

As we mentioned, there will be some cases (see section 6.6 for a more detailed example) where the key performance indicators (or KPIs in short) will not be connected to profit. The most common ones will involve the government of a country or an NGO, but they can be way more diverse and require more thought and application of first principles. We have laid out a couple of the key concepts or KPIs that come up below

5.3.1 Quantifiability

In many such scenarios you will be asked to make an important strategic decision of some kind or to optimise a process. Of course these are not restricted to non-private sector cases but this is where they really come into their own as there can be great variation in the type of decision and the types of field.

While there may be no familiar business concepts to anchor yourself onto, a concept that is essential is quantifiability . This means, however qualitative the decision might seem, consultants rely on data so you should always aim to have aspects of a decision that can be quantified, even if the data doesn’t present itself in a straightforward manner.

Let’s take a practical example. Your younger sibling asks you to help them decide which university they should choose if they want to study engineering. One way to structure your approach would be to segment the problem into factors affecting your sibling’s experience at university and experience post-university. Within the ‘at uni’ category you might think about the following:

• Financials : How much are tuition costs and accommodation costs?
• Quality of teaching and research : How are possible universities ranked in the QS guide based on teaching and research?
• Quality of resources : How well stocked is their library, are the labs well equipped etc.?
• Subject ranking : How is engineering at different unis ranked?
• Life on campus and the city : What are the living costs in the city where the university is based? What are the extracurricular opportunities and would your sibling like to live in that specific city based on them?

Within the ‘out of uni’ category you might think about:

• Exit options : What are the fields in which your sibling could be employed and how long does it take the average student of that university to find a job?
• Alumni network : What percentage of alumni are employed by major companies?
• Signal : What percentage of applicants from the university get an interview in major engineering companies and related technical fields?

You will perhaps notice that all the buckets discussed pose quantifiable questions meant to provide us with data necessary to make a decision. It’s no point to ask ‘Which university has the nicest teaching staff?’ as that can be a very subjective metric.

5.3.1 Impact

Another key concept to consider when dealing with sectors other than the private one is how impactful a decision or a line of inquiry is on the overarching issue , or whether all our branches in our issue tree have a similar impact. This can often come in the form of impact on lives, such as in McKinsey’s conservation case discussed below, namely how many species can we save with our choice of habitat.

5.4 Common consulting concepts

Consultants use basic business concepts on an every day basis, as they help them articulate their frameworks to problems. However, they also use some consulting specific tools to quality check their analysis and perform in the most efficient way possible. These principles can be applied to all aspects of a consultant’s work, but for brevity we can say they mostly impact a consultant’s systematic approach and communication - two very important things that are also tested in case interviews. Therefore, it’s imperative that you not only get to know them, but learn how and when to use them as they are at the very core of good casing. They are MECE-ness, the Pareto Principle and the Pyramid principle and are explained briefly below - you should, however, go on to study them in-depth in their respective articles.

Perhaps the central pillar of all consulting work and an invaluable tool to solve cases, MECE stands for Mutually Exclusive and Collectively Exhaustive . It can refer to any and every aspect in a case but is most often used when talking about structure. We have a detailed article explaining the concept here , but the short version is that MECE-ness ensures that there is no overlap between elements of a structure (i.e. the Mutually Exclusive component) and that it covers all the drivers or areas of a problem (Collectively Exhaustive). It is a concept that can be applied to any segmentation when dividing a set into subsets that include it wholly but do not overlap.

Let’s take a simple example and then a case framework example. In simple terms, when we are asked to break down the set ‘cars’ into subsets, dividing cars into ‘red cars’ and ‘sports cars’ is neither mutually exclusive (as there are indeed red sports cars) nor exhaustive of the whole set (i.e. there are also yellow non-sports cars that are not covered by this segmentation). A MECE way to segment would be ‘cars produced before 2000’ and ‘cars produced after 2000’ as this segmentation allows for no overlap and covers all the cars in existence.

Dividing cars can be simple, but how can we ensure MECEness in a case-interview a.k.a. a business situation. While the same principles apply, a good tip to ensure that your structure is MECE is to think about all the stakeholders - i.e. those whom a specific venture involves.

Let’s consider that our client is a soda manufacturer who wants to move from a business-to-business strategy, i.e. selling to large chains of stores and supermarkets, to a business-to-consumer strategy where it sells directly to consumers. In doing so they would like to retrain part of their account managers as direct salespeople and need to know what factors to consider.

A stakeholder-driven approach would be to consider the workforce and customers and move further down the issue tree, thinking about individual issues that might affect them. In the case of the workforce, we might consider how the shift would affect their workload and whether it takes their skillset into account. As for the customers, we might wonder whether existing customers would be satisfied with this move: will the remaining B2B account managers be able to provide for the needs of all their clients and will the fact that the company is selling directly to consumers now not cannibalise their businesses? We see how by taking a stakeholder-centred approach we can ensure that every single perspective and potential issue arising from it is fully covered.

5.4.2 The Pareto Principle

Also known as the 80/20 rule, this principle is important when gauging the impact of a decision or a factor in your analysis. It simply states that in business (but not only) 80% of outcomes come from 20% of causes. What this means is you can make a few significant changes that will impact most of your business organisation, sales model, cost structure etc.

Let’s have a look at 3 quick examples to illustrate this:

• 80% of all accidents are caused by 20% of drivers
• 20% of a company’s products account for 80% of the sales
• 80% of all results in a company are driven by 20% of its employees

The 80/20 rule will be a very good guide line in real engagements as well as case interviews, as it will essentially point to the easiest and most straightforward way of doing things. Let’s say one of the questions in a case is asking you to come up with an approach to understand the appeal of a new beard trimmer. Obviously you can’t interview the whole male population so you might think about setting up a webpage and asking people to comment their thoughts. But what you would get would be a laundry list of difficult to sift through data.

Using an 80/20 approach you would segment the population based on critical factors (age groups, grooming habits etc.) and then approach a significant sample size of each (e.g. 20), analysing the data and reaching a conclusion.

5.4.3 The Pyramid Principle

This principle refers to organising your communication in a top-down , efficient manner. While this is generally applicable, the pyramid principle will most often be employed when delivering the final recommendation to your client. This means - as is implicit in the name - that you would organise your recommendation (and communication in general) as a pyramid, stating the conclusion or most important element at the top then go down the pyramid listing 3 supporting arguments and then further (ideally also 3) supporting arguments for those supporting arguments.

Let’s look at this in practice in a case interview context: your client is a German air-conditioning unit manufacturer who was looking to expand into the French market. However, after your analysis you’ve determined that the market share they were looking to capture would not be feasible. A final recommendation using the Pyramid Principle would sound something like this: ‘I recommend that we do not enter the German market for the following three reasons. Firstly, the market is too small for our ambitions of $50 million. Secondly the market is heavily concentrated, being controlled by three major players and our 5 year goal would amount to controlling 25% of the market, a share larger than that of any of the players. Thirdly, the alternative of going into the corporate market would not be feasible, as it has high barriers to entry.Then, if needed, we could delve deeper into each of our categories

6. Case examples or building blocks?

As we mentioned before, in your case interview preparation you will undoubtedly find preparation resources that claim that there are several standard types of cases and that there is a general framework that can be applied to each type of case. While there are indeed cases that are straightforward at least in appearance and seemingly invite the application of such frameworks, the reality is never that simple and cases often involve multiple or more complicated components that cannot be fitted into a simple framework.

At MCC we don’t want you to get into the habit of trying to identify which case type you’re dealing with and pull out a framework, but we do recognize that there are recurring elements in frameworks that are useful - such as the profitability of a venture (with its revenues and costs), the valuation of a business, estimating and segmenting a market and pricing a product.

We call these building blocks because they can be used to build case frameworks but are not a framework in and of themselves, and they can be shuffled around and rearranged in any way necessary to be tailored to our case. Hence, our approach is not to make you think in terms of case types but work from first principles and use these building blocks to build your own framework. Let’s take two case prompts to illustrate our point.

The first is from the Bain website, where the candidate is asked whether they think it’s a good idea for their friend to open a coffee shop in Cambridge UK (see the case here ). The answer framework provided here is a very straightforward profitability analysis framework, examining the potential revenues and potential costs of the venture:

While this is a good point to start for your case interview (especially taken together with the clarifying questions), we will notice that this approach will need more tailoring to the case - for example the quantity of coffee will be determined by the market for coffee drinkers in Cambridge, which we have to determine based on preference. We are in England so a lot of people will be drinking tea but we are in a university town so perhaps more people than average are drinking coffee as it provides a better boost when studying. All these are some much needed case-tailored hypotheses that we can make based on the initial approach.

Just by looking at this case we might be tempted to say that we can just take a profitability case and apply it without any issues. However, this generic framework is just a starting point and in reality we would need to tailor it much further in the way we had started to do in order to get to a satisfactory answer. For example, the framework for this specific case interview doesn’t cover aspects such as the customer’s expertise: does the friend have any knowledge of the coffee business, such as where to source coffee and how to prepare it? Also, we could argue there may be some legal factors to consider here, such as any approvals that they might need from the city council to run a coffee shop on site, or some specific trade licences that are not really covered in the basic profitability framework.

Let’s take a different case , however, from the McKinsey website. In this scenario, the candidate is being asked to identify some factors in order to choose where to focus the client’s conservation efforts. Immediately we can realise that this case doesn’t lend itself to any pre-packaged framework and we will need to come up with something from scratch - and take a look at McKinsey’s answer of the areas to focus on:

We notice immediately that this framework is 100% tailored to the case - of course there are elements which we encounter in other cases, such as costs and risks but again these are applied in an organic way. It’s pretty clear that while no standard framework would work in this case, the aforementioned concepts - costs and risks - and the way to approach them (a.k.a building blocks ) are fundamentally similar throughout cases (with the obvious specificities of each case).

In what follows, we’ll give a brief description of each building block starting from the Bain example discussed previously, in order to give you a general idea of what they are and their adaptability, but you should make sure to follow the link to the in-depth articles to learn all their ins and outs.

6.1 Estimates and segmentation

This building block will come into play mostly when you’re thinking about the market for a certain product (but make sure to read the full article for more details). Let’s take our Bain Cambridge coffee example. As we mentioned under the quantity bucket we need to understand what the market size for coffee in Cambridge would be - so we can make an estimation based on segmentation .

The key to a good estimation is the ability to logically break down the problem into more manageable pieces. This will generally mean segmenting a wider population to find a particular target group. We can start off with the population of Cambridge - which we estimate at 100.000. In reality the population is closer to 150.000 but that doesn’t matter - the estimation has to be reasonable and not accurate , so unless the interviewer gives you a reason to reconsider you can follow your instinct. We can divide that into people who do and don’t drink coffee. Given our arguments before, we can conclude that 80% of those, so 80.000 drink coffee. Then we can further segment into those who drink regularly - let’s say every day - and those who drink occasionally - let’s say once a week. Based on the assumptions before about the student population needing coffee to function, and with Cambridge having a high student population, we can assume that 80% of those drinking coffee are regular drinkers, so that would be 64.000 regular drinkers and 16.000 occasional drinkers. We can then decide whom we want to target what our strategy needs to be:

This type of estimation and segmentation can be applied to any case specifics - hence why it is a building block.

6.2 Profitability

We had several looks at this building block so far (see an in-depth look here ) as it will show up in most case interivew scenarios, since profit is a key element in any company’s strategy. As we have seen, the starting point to this analysis is to consider both the costs and revenues of a company, and try to determine whether revenues need to be improved or whether costs need to be lowered. In the coffee example, the revenues are dictated by the average price per coffe x the number of coffees sold , whereas costs can be split into fixed and variable .

Some examples of fixed costs would be the rent for the stores and the cost of the personnel and utilities, while the most obvious variable costs would be the coffee beans used and the takeaway containers (when needed). We may further split revenues in this case into Main revenues - i.e. the sales of coffee - and Ancillary revenues , which can be divided into Sales of food products (sales of pastries, sandwiches etc., each with the same price x quantity schema) and Revenues from events - i.e renting out the coffee shop to events and catering for the events themselves. Bear in mind that revenues will be heavily influenced by the penetration rate , i.e. the share of the market which we can capture.

6.3 Pricing

Helping a company determine how much they should charge for their goods or services is another theme that comes up frequently in cases. While it may seem less complicated than the other building blocks, we assure you it’s not - you will have to understand and consider several factors, such as the costs a company is incurring, their general strategic positioning, availability, market trends as well as the customers’ willingness to pay (or WTP in short) - so make sure to check out our in-depth guide here .

In our example, we may determine that the cost per cup (coffee beans, staff, rent) is £1. We want to be student friendly so we should consider how much students would want to pay for a coffee as well as how much are competitors are charging. Based on those factors, it would be reasonable to charge on average £2 per cup of coffee. It’s true that our competitors are charging £3 but they are targeting mostly the adult market, whose willingness to pay is higher, so their pricing model takes that into account as well as the lower volume of customers in that demographic.

6.4. Valuation

A variant of the pricing building block, a valuation problem generally asks the candidate to determine how much a client should pay for a specific company (the target of an acquisition) as well as what other factors to consider. The two most important factors (but not the only ones - for a comprehensive review see our Valuation article ) to consider are the net present value (in consulting interviews usually in perpetuity) and the synergies .

In short, the net present value of a company is how much profit it currently brings in, divided by how much that cash flow will depreciate in the future and can be represented with the equation below:

The synergies refer to what could be achieved should the companies operate as one, and can be divided into cost and revenue synergies .

Let’s expand our coffee example a bit to understand these. Imagine that our friend manages to open a chain of coffee shops in Cambridge and in the future considers acquiring a chain of take-out restaurants. The most straightforward example of revenue synergies would be cross-selling, in this case selling coffee in the restaurants as well as in the dedicated stores, and thus getting an immediate boost in market share by using the existing customers of the restaurant chain. A cost synergy would be merging the delivery services of the two businesses to deliver both food and coffee, thus avoiding redundancies and reducing costs associated with twice the number of drivers and vehicles.

6.5. Competitive interaction

This component of cases deals with situations where the market in which a company is operating changes and the company must decide what to do. These changes often have to do with a new player entering the market (again for more details make sure to dive into the Competitive Interaction article ).

Let’s assume that our Cambridge coffee shop has now become a chain and has flagged up to other competitors that Cambridge is a blooming market for coffee. As such, Starbucks has decided to open a few stores in Cambridge themselves, to test this market. The question which might be posed to a candidate is what should our coffee chain do. One way (and a MECE one) to approach the problem is to decide between doing something and doing nothing . We might consider merging with another coffee chain and pooling our resources or playing to our strengths and repositioning ourselves as ‘your student-friendly, shop around the corner’. Just as easily we may just wait the situation out and see whether indeed Starbucks is cutting into our market share - after all, the advantages of our product and services might speak for themselves and Starbucks might end up tanking. Both of these are viable options if argued right and depending on the further specifics of the case.

6.6. Special cases

Most cases deal with private sectors, where the overarching objective entails profit in some form. However, as hinted before, there are cases which deal with other sectors where there are other KPIs in place . The former will usually contain one or several of these building blocks whereas the latter will very likely have neither. This latter category is arguably the one that will stretch your analytical and organisational skills to the limit, since there will be very little familiarity that you can fall back on (McKinsey famously employs such cases in their interview process).

So how do we tackle the structure for such cases? The short answer would be starting from first principles and using the problem driven structure outlined above, but let’s look at a quick example in the form of a McKinsey case :

The first question addressed to the candidate is the following:

This is in fact asking us to build a structure for the case. So what should we have in mind here? Most importantly, we should start with a structure that is MECE and we should remember to do that by considering all the stakeholders . They are on the one hand the government and affiliated institutions and on the other the population. We might then consider which issues might arise for each shareholder and what the benefits for them would be, as well as the risks. This approach is illustrated in the answer McKinsey provides as well:

More than anything, this type of case shows us how important it is to practise and build different types of structures, and think about MECE ways of segmenting the problem.

7. How Do I prepare for case interviews

In consulting fashion, the overall preparation can be structured into theoretical preparation and practical preparation , with each category then being subdivided into individual prep and prep with a partner .

As a general rule, the level and intensity of the preparation will differ based on your background - naturally if you have a business background (and have been part of a consulting club or something similar) your preparation will be less intensive than if you’re starting from scratch. The way we suggest you go about it is to start with theoretical preparation , which means learning about case interviews, business and basic consulting concepts (you can do this using free resources - such as the ones we provide - or if you want a more through preparation you can consider joining our Case Academy as well).

You can then move on to the practical preparation which should start with doing solo cases and focusing on areas of improvement, and then move on to preparation with a partner , which should be another candidate or - ideally - an ex-consultant.

Let’s go into more details with respect to each type of preparation.

7.1. Solo practice

The two most important areas of focus in sole preparation are:

• Mental math

As we mentioned briefly, the best use of your time is to focus on solving cases. You can start with cases listed on MBB sites since they are clearly stated and have worked solutions as well (e.g. Bain is a good place to start) and then move to more complex cases (our Case Library also offers a range of cases of different complexities). To build your confidence, start out on easier case questions, work through with the solutions, and don't worry about time. As you get better, you can move on to more difficult cases and try to get through them more quickly. You should practice around eight case studies on your own to build your confidence.

Another important area of practice is your mental mathematics as this skill will considerably increase your confidence and is neglected by many applicants - much to their immediate regret in the case interview. Find our mental math tool here or in our course, and practice at least ten minutes per day, from day one until the day before the interview.

7.2. Preparation with a partner

There are aspects of a case interview - such as asking clarifying questions - which you cannot do alone and this is why, after you feel comfortable, you should move on to practice with another person. There are two options here:

• Practicing with a peer
• Practicing with an ex-consultant

In theory they can be complementary - especially if you’re peer is also preparing for consulting interviews - and each have advantages and disadvantages. A peer is likely to practice with you for free for longer, however you may end up reinforcing some bad habits or unable to get actionable feedback. A consultant will be able to provide you the latter but having their help for the same number of hours as a peer will come at a higher cost. Let’s look at each option in more detail.

7.2.1. Peer preparation

Once you have worked through eight cases solo, you should be ready to simulate the case interview more closely and start working with another person.

Here, many candidates turn to peer practice - that is, doing mock case interviews with friends, classmates or others also applying to consulting. If you’re in university, and especially in business school, there will very likely be a consulting club for you to join and do lots of case practice with. If you don’t have anyone to practice, though, or if you just want to get a bit more volume in with others, our free meeting board lets you find fellow applicants from around the world with whom to practice. We recommend practicing around 10 to 15 ‘live’ cases to really get to a point where you feel comfortable.

7.2.2. Preparation with a consultant

You can do a lot practising by yourself and with peers. However, nothing will bring up your skills so quickly and profoundly as working with a real consultant.

Perhaps think about it like boxing. You can practice drills and work on punch bags all you want, but at some point you need to get into the ring and do some actual sparring if you ever want to be ready to fight.

Practicing with an ex consultant is essentialy a simulation of a case interview. Of course, it isn’t possible to secure the time of experienced top-tier consultants for free. However, when considering whether you should invest to boost your chances of success, it is worth considering the difference in your salary over even just a few years between getting into a top-tier firm versus a second-tier one. In the light of thousands in increased annual earnings (easily accumulating into millions over multiple years), it becomes clear that getting expert interview help really is one of the best investments you can make in your own future.

Should you decide to make this step, MyConsultingCoach can help, offering bespoke mentoring programmes , where you are paired with a 5+ year experienced, ex-MBB mentor of your choosing, who will then oversee your whole case interview preparation from start to finish - giving you your best possible chance of landing a job!

7.3. Practice for online interviews

Standard preparation for interview case studies will carry directly over to online cases.

However, if you want to do some more specific prep, you can work through cases solo to a timer and using a calculator and/or Excel (online cases generally allow calculators and second computers to help you, whilst these are banned in live case interviews).

Older PST-style questions also make great prep, but a particularly good simulation is the self-assessment tests included in our Case Academy course . These multiple choice business questions conducted with a strict time limit are great preparation for the current crop of online cases.

7.4. Fit interviews

As we’ve noted, even something billed as a case interview is very likely to contain a fit interview as a subset.

We have an article on fit interviews and also include a full set of lessons on how to answer fit questions properly as a subset of our comprehensive Case Academy course .

Here though, the important thing to convey is that you take preparing for fit questions every bit as seriously as you do case prep.

Since they sound the same as you might encounter when interviewing for other industries, the temptation is to regard these as “just normal interview questions”.

However, consulting firms take your answers to these questions a good deal more seriously than elsewhere.

This isn’t just for fluffy “corporate culture” reasons. The long hours and close teamwork, as well as the client-facing nature of management consulting, mean that your personality and ability to get on with others is going to be a big part of making you a tolerable and effective co-worker.

If you know you’ll have to spend 14+ hour working days with someone you hire and that your annual bonus depends on them not alienating clients, you better believe you’ll pay attention to their character in interview.

There are also hard-nosed financial reasons for the likes of McKinsey, Bain and BCG to drill down so hard on your answers.

In particular, top consultancies have huge issues with staff retention. The average management consultant only stays with these firms for around two years before they have moved on to a new industry.

In some cases, consultants bail out because they can’t keep up with the arduous consulting lifestyle of long hours and endless travel. In many instances, though, departing consultants are lured away by exit opportunities - such as the well trodden paths towards internal strategy roles, private equity or becoming a start-up founder.

Indeed, many individuals will intentionally use a two year stint in consulting as something like an MBA they are getting paid for - giving them accelerated exposure to the business world and letting them pivot into something new.

Consulting firms want to get a decent return on investment for training new recruits. Thus, they want hires who not only intend to stick with consulting longer-term, but also have a temperament that makes this feasible and an overall career trajectory where it just makes sense for them to stay put.

This should hammer home the point that, if you want to get an offer, you need to be fully prepared to answer fit questions - and to do so excellently - any time you have a case interview.

8. Interview day - what to expect, with tips

Of course, all this theory is well and good, but a lot of readers might be concerned about what exactly to expect in real life . It’s perfectly reasonable to want to get as clear a picture as possible here - we all want to know what we are going up against when we face a new challenge!

Indeed, it is important to think about your interview in more holistic terms, rather than just focusing on small aspects of analysis. Getting everything exactly correct is less important than the overall approach you take to reasoning and how you communicate - and candidates often lose sight of this fact.

In this section, then, we’ll run through the case interview experience from start to finish, directing you to resources with more details where appropriate. As a supplement to this, the following video from Bain is excellent. It portrays an abridged version of a case interview, but is very useful as a guide to what to expect - not just from Bain, but from McKinsey, BCG and any other high-level consulting firm.

8.1. Getting started

Though you might be shown through to the office by a staff member, usually your interviewer will come and collect you from a waiting area. Either way, when you first encounter them, you should greet your interviewer with a warm smile and a handshake (unless they do not offer their hand). Be confident without verging into arrogance. You will be asked to take a seat in the interviewer’s office, where the case interview can then begin.

8.1.1. First impressions

In reality, your assessment begins before you even sit down at your interviewer’s desk. Whether at a conscious level or not, the impression you make within the first few seconds of meeting your interviewer is likely to significantly inform the final hiring decision (again, whether consciously or not).

Your presentation and how you hold yourself and behave are all important . If this seems strange, consider that, if hired, you will be personally responsible for many clients’ impressions of the firm. These things are part of the job! Much of material on the fit interview is useful here, whilst we also cover first impressions and presentation generally in our article on what to wear to interview .

As we have noted above, your interview might start with a fit segment - that is, with the interviewer asking questions about your experiences, your soft skills, and motivation to want to join consulting generally and that firm in particular. In short, the kinds of things a case study can’t tell them about you. We have a fit interview article and course to get you up to speed here.

8.1.2. Down to business

Following an initial conversation, your interviewer will introduce your case study , providing a prompt for the question you have to answer. You will have a pen and paper in front of you and should (neatly) note down the salient pieces of information (keep this up throughout the interview).

It is crucial here that you don’t delve into analysis or calculations straight away . Case prompts can be tricky and easy to misunderstand, especially when you are under pressure. Rather, ask any questions you need to fully understand the case question and then validate that understanding with the interviewer before you kick off any analysis. Better to eliminate mistakes now than experience that sinking feeling of realising you have gotten the whole thing wrong halfway through your case!

This process is covered in our article on identifying the problem and in greater detail in our Case Academy lesson on that subject.

8.1.3. Analysis

Once you understand the problem, you should take a few seconds to set your thoughts in order and draw up an initial structure for how you want to proceed. You might benefit from utilising one or more of our building blocks here to make a strong start. Present this to your interviewer and get their approval before you get into the nuts and bolts of analysis.

We cover the mechanics of how to structure your problem and lead the analysis in our articles here and here and more thoroughly in the MCC Case Academy . What it is important to convey here, though, is that your case interview is supposed to be a conversation rather than a written exam . Your interviewer takes a role closer to a co-worker than an invigilator and you should be conversing with them throughout.

Indeed, how you communicate with your interviewer and explain your rationale is a crucial element of how you will be assessed. Case questions in general, are not posed to see if you can produce the correct answer, but rather to see how you think . Your interviewer wants to see you approach the case in a structured, rational fashion. The only way they are going to know your thought processes, though, is if you tell them!

To demonstrate this point, here is another excellent video from Bain, where candidates are compared.

Note that multiple different answers to each question are considered acceptable and that Bain is primarily concerned with the thought processes of the candidate’s exhibit .

Another reason why communication is absolutely essential to case interview success is the simple reason that you will not have all the facts you need to complete your analysis at the outset. Rather, you will usually have to ask the interviewer for additional data throughout the case to allow you to proceed .

NB: Don't be let down by your math!

Your ability to quickly and accurately interpret these charts and other figures under pressure is one of the skills that is being assessed. You will also need to make any calculations with the same speed and accuracy (without a calculator!). As such, be sure that you are up to speed on your consulting math .

8.1.4. Recommendation

Finally, you will be asked to present a recommendation. This should be delivered in a brief, top-down "elevator pitch" format , as if you are speaking to a time-pressured CEO. Again here, how you communicate will be just as important as the details of what you say, and you should aim to speak clearly and with confidence.

For more detail on how to give the perfect recommendation, take a look at our articles on the Pyramid Principle and providing recommendations , as well the relevant lesson within MCC Academy .

8.1.5. Wrapping up

After your case is complete, there might be a few more fit questions - including a chance for you to ask some questions of the interviewer . This is your opportunity to make a good parting impression.

We deal with the details in our fit interview resources. However, it is always worth bearing in mind just how many candidates your interviewers are going to see giving similar answers to the same questions in the same office. A pretty obvious pre-requisite to being considered for a job is that your interviewer remembers you in the first place. Whilst you shouldn't do something stupid just to be noticed, asking interesting parting questions is a good way to be remembered.

Now, with the interview wrapped up, it’s time to shake hands, thank the interviewer for their time and leave the room .

You might have other case interviews or tests that day or you might be heading home. Either way, if know that you did all you could to prepare, you can leave content in the knowledge that you have the best possible chance of receiving an email with a job offer. This is our mission at MCC - to provide all the resources you need to realise your full potential and land your dream consulting job!

8.2. Remote and one-way interview tips

Zoom case interviews and “one-way” automated fit interviews are becoming more common as selection processes are increasingly remote, with these new formats being accompanied by their own unique challenges.

Obviously you won’t have to worry about lobbies and shaking hands for a video interview. However, a lot remains the same. You still need to do the same prep in terms of getting good at case cracking and expressing your fit answers. The specific considerations around remote case interviews are, in effect, around making sure you come across as effectively as you would in person.

8.2.1. Connection

It sounds trivial, but a successful video case interview of any kind presupposes a functioning computer with a stable and sufficient internet connection.

Absolutely don’t forget to have your laptop plugged in, as your battery will definitely let you down mid-interview. Similarly, make sure any housemates or family know not to use the microwave, vacuum cleaner or anything else that makes wifi cut out (or makes a lot of noise, obviously)

If you have to connect on a platform you don’t use much (for example, if it’s on Teams and you’re used to Zoom), make sure you have the up to date version of the app in advance, rather than having to wait for an obligatory download and end up late to join. Whilst you’re at it, make sure you’re familiar with the controls etc. At the risk of being made fun of, don’t be afraid to have a practice call with a friend.

8.2.2. Dress

You might get guidance on a slightly more relaxed dress code for a Zoom interview. However, if in doubt, dress as you would for the real thing (see our article here ).

Either way, always remember that presentation is part of what you are being assessed on - the firm needs to know you can be presentable for clients. Taking this stuff seriously also shows respect for your interviewer and their time in interviewing you.

8.2.3. Lighting

An aspect of presentation that you have to devote some thought to for a Zoom case interview is your lighting.

Hopefully, you long ago nailed a lighting set-up during the Covid lockdowns. However, make sure to check your lighting in advance with your webcam - bearing in mind what time if day your case interview actually is. If your case interview is late afternoon, don’t just check in the morning. Make sure you aren’t going to be blinded from light coming in a window behind your screen, or that you end up with the weird shadow stripes from blinds all over your face.

Natural light is always best, but if there won’t be much of that during your interview, you’ll likely want to experiment with moving some lamps around.

8.2.4. Clarity

The actual stories you tell in an automated “one-way” fit interview will be the same as for a live equivalent. If anything, things should be easier, as you can rattle off a practised monologue without an interviewer interrupting you to ask for clarifications.

You can probably also assume that the algorithm assessing your performance is sufficiently capable that it will be observing you at much the same level as a human interviewer. However, it is probably still worth speaking as clearly as possible with these kinds of interviews and paying extra attention to your lighting to ensure that your face is clearly visible.

No doubt the AIs scoring these interviews are improving all the time, but you still want to make their job as easy as possible. Just think about the same things as you would with a live Zoom case interview, but more so.

9. How we can help

There are lots of great free resources on this site to get you started with preparation, from all our articles on case solving and consulting skills to our free case library and peer practice meeting board .

To step your preparation up a notch, though, our Case Academy course will give you everything you need to know to solve the most complex of cases - whether those are in live case interviews, with chatbots, written tests or any other format.

Whatever kind of case you end up facing, nothing will bring up your skillset faster than the kind of acute, actionable feedback you can get from a mock case interview a real, MBB consultant. Whilst it's possible to get by without this kind of coaching, it does tend to be the biggest single difference maker for successful candidates.

You can find out more on our coaching page:

Explore Coaching

Of course, for those looking for a truly comprehensive programme, with a 5+ year experienced MBB consultant overseeing their entire prep personally, from networking and applications right through to your offer, we have our mentoring programmes.

You can read more here:

Comprehensive Mentoring

Account not confirmed

• All Industries
• Symphony Aerospace
• Symphony Stage
• Symphony REACT
• Symphony Search
• Symphony Transact
• Symphony Commerce
• Symphony Solve
• Symphony Energy
• Symphony Health
• Symphony Consulting
• Symphony Grow
• Symphony Wealth
• Symphony Build
• Industry Case Studies
• Compositions

Risk Management Case Studies

As experts in our craft and close partners with our clients, we have helped numerous companies and individuals change tempo and smoothly transition to their next movement.

Meeting the Contractual Requirements of a $6 Billion Renewable Energy Transmission Line Project

Punitive Damages Alternative

Private Airline Pilots Union Seeks a Responsive Broker to Organize Policies

Affluent Couple Has Broker Asleep at the Wheel

Client Seeks to Improve Coverage, Gets More Than Just Insurance

Property Owner Denied Coverage for Loss

Security Staffing Company with High Frequency of Seasonal Employee Claims

Client with Multiple Agents Saves Premium with One Broker

Movie Theater Circuit Seeks Advocate to Protect Their Bottom Line

Multifamily Operator Seeks Benefits of Having Suitable Insurance Products

Let symphony risk help you perform more remarkably..

Symphony Risk is the next-generation, full-service insurance brokerage, risk management advisory, and employee benefits consulting advisory for the risk and human capital needs of middle market and lower Fortune 500 businesses, private equity firms and alternative asset managers, corporate executives, and high-net-worth families.

© Copyright 2023 Symphony Risk Solutions

• Industry Solutions

Privacy Policy

© Copyright 2024 Symphony Risk Solutions

Case Studies

All case studies, fire records reconciliation and validation, work performance verification audit – auditing the auditors, union dispute, tobacco producers settlement , large civil litigation, affidavit on ediscovery approach for hamp litigation, operator qualifications analysis, pipeline maop verification support, pipeline leak survey information management, plastic fusion remediation, regulator data collection, data pipeline markers inspection, rate case support, opioid prescription monitoring plan (pmp) data analysis, medicaid data manipulation and analysis, state employee benefit claim, pcb contamination cost recovery, stations maop verification support, executory contracts analysis, analytical support for tobacco producers settlement, pharmaceutical trade secret lawsuit, doj indictment, claims billing support for fortune 500 company, employee missed meal periods claim, labor law violation analysis, exempt status classification, employee forensic evidence collection, construction firm bankruptcy suit, pharmaceutical average wholesale price suit, quality control review of gas transmission and distribution records, streamlining utility data: a case study in dig records audit for general rate case hearing, gas & electric utilities case studies, litigation support case studies, clear path vegetation management case studies.

About Celerity

Your Trusted Utility Risk Optimization Company

Celerity is an agile risk optimization company that helps public utility organizations convert complex data into clear, actionable intelligence to mitigate risk, optimize assets, and maximize project results.

Want to learn more? Contact us below

999-999-9999

The New Equation

Executive leadership hub - What’s important to the C-suite?

Tech Effect

Shared success benefits

Loading Results

No Match Found

PwC case studies

Examples of how a community of solvers brings together the strengths of people and technology to build trust and deliver sustainable outcomes — bringing The New Equation to life.

Featured - 3 items

Reinventing wyndham’s loyalty program technology.

Redesigning the cloud-based ecosystem powering Wyndham Rewards.

Helping the YMCA of GNY meet new community needs

Responding to change and expanding their reach and ability to support.

Baker Hughes is working toward net zero at scale

Learn how PwC helped Baker Hughes accelerate their net zero strategy.

A brighter future for medicine with healthcare technology

A collaboration between OSIC, PwC and Microsoft is helping patients, providers and researchers fight a rare disease.

{{filterContent.facetedTitle}}

• {{v.tagsTitle}}

{{item.title}}

• {{filterContent.dataService.numberHits}} {{filterContent.dataService.numberHits == 1 ? 'result' : 'results'}}
• {{vf.elipsedTagsTitle}}
• 0" ng-click="filterContent.reset()" class="reset-filters"> {{filterContent.resetFiltersLabel}}

{{item.publishDate}}

{{item.text}}

Explore further

Thank you for your interest in PwC

We have received your information. Should you need to refer back to this submission in the future, please use reference number "refID" .

Required fields are marked with an asterisk( * )

Please correct the errors and send your information again.

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

© 2017 - 2024 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.

• Data Privacy Framework
• Cookie info
• Terms and conditions
• Site provider
• Your Privacy Choices

• Solutions and Services
• Enterprise Risk Management
• Controls & Compliance Attestations
• Internal Audit
• Third Party Management and Assurance
• Information Governance
• Data Protection
• Cyber Security Consultancy
• Regulatory Applications
• Business Continuity and Crisis Management
• Regulatory Change
• Financial Crime
• Managed Compliance Services and Solutions
• Operational Resilience
• Senior Managers and Certification Regime
• News and Blogs
• Regulatory Calendar
• Case Studies
• Thought Leadership

We partner with clients to deliver expertise exactly where it's needed, and deliver bespoke programmes providing risk assurance, information security, and regulatory compliance.

Gain full visibility of your organisation's risks and mitigate their impact on its objectives.

• Enterprise Risk Management >>
• Internal Audit >>
• Controls and Compliance Attestations >>
• Third Party Management and Assurance >>

Controls Assurance Audit (ISAE 3402 & SSAE 18 Type II) for SaaS Company

Pragmatic enhancements to develop controls, governance and oversight framework. Read More >>

Protect your most valuable information assets in the face of evolving cyber threats.

• Information Governance >>
• PCI-DSS >>
• Data Protection >>
• Business Continuity and Crisis Management >>
• Cyber Security Consultancy >>

PCI Scope Redefinition and ROC Reporting for Global Services Organisation

Streamlined processes, simplified scope and easier PCI compliance. Read More >>

Compliance services to support your organisation in meeting its regulatory obligations.

• Regulatory Applications >>
• Managed Compliance >>
• Senior Managers and Certification Regime >>
• Operational Resilience >>
• Financial Crime >>
• Regulatory Change >>

Regulatory compliance for UK-based mortgage firm

Helping to redefine the future of mortgage lending. Read More >>

Find all our thought leadership, case studies, news, blogs, podcasts and regulatory calendar updates here.

See how Xcina has benefitted businesses like yours.

Listen in as our industry experts provide the benefit of their experience.

The latest from across our clients’ industries.

Insight, thought leadership and opinion from our expert consultants.

Helping to redefine the future of mortgage lending.

Streamlined processes, simplified scope and easier PCI compliance.

Pragmatic enhancements to develop controls, governance and oversight framework.

Risk Reporting Framework for Global Insurance Organisation

GDPR Gap Analysis and Remediation for International Bank

Control Assurance Audit (ISAE3402 Type II) for Asset Management Organisation

Third-party Assurance Assessments for US-based Consumer Credit Reporting Agency

Pension Protection Levy Calculation and Reporting Process Review for Global Asset Manager

Virtual Data Protection Officer (vDPO) for UK-based Market Research Consultancy

Subscribe to Updates

Receive regular updates from our expert consultants as they provide clarification and guidance on issues impacting your organisation.

• How it works
• Case studies

13 case studies on how risk managers are assessing their risk culture

Continuing on from last week's post, There’s no such thing as risk culture, or is there? , this is the third in a series of blogs in which we are summarising key insights gained from about 50 risk managers and CROs interviewed between December 2019 and May 2020.

There are various techniques and different mindsets on how to assess and measure risk culture. We round-up the very best case studies, tools and templates used by risk managers around the world.

To survey or not to survey?

If you start from a base of assuming you need a survey (or perhaps you have an executive or board who want one), then you are faced with two main choices:

• Include a number of questions in a larger employee engagement/culture survey, probably being run by HR (as one of our Member organisations did, only to discover the results didn’t align with their anecdotal feedback and experiences)
• Conduct a dedicated risk culture survey, which might later be re-run as a benchmark (as one former CRO at an international airline did upon joining the organisation).

However, not everyone believes a survey is the way to go. Or at least, not a survey in isolation.

It’s a self-assessment tool, for one thing, as former Bank of Queensland CRO Peter Deans pointed out in a recent Intelligence contribution (Members: access this here ). You may not get the true risk picture you need, if you are only asking people if they believe they are making risk-aware decisions and are satisfied with the culture.

UK risk consultant Roger Noon shared with us a variety of tools risk managers can use in-house to help understand behaviours and diagnose culture (Members: access these tools here) . Of quantitative risk culture surveys, he says: “Survey instruments can also be used so long as you and your sponsors recognise that they are typically very blunt tools, often with poor validity. They're very ‘point in time and context’ driven, and they don't really provide you with objective observable output. 

“However, they can be used to generate interesting data that creates helpful dialogue at the senior management table. They’re also useful to build engagement with the people that are part of the culture, and as part of a wider, triangulated set of data.”

In other instances, risk managers found it was not employees they initially needed to survey, but their board. Across different industries, different understandings of risk culture exist. If your board is asking about risk culture, it can be a good idea to check in that you (and they, among themselves) are all on the same page before beginning any broader projects. (Members: take a look at some sample questions about risk culture for the board here .)

So overt it’s covert

When it comes to an organisation’s overall approach to assessing and changing risk culture, there are also a few fundamentally different mindsets.

For some companies, the ‘culture overhaul’ needs to be a large project with lots of publicity and a big push from the top. In such cases, when it comes to driving change, extensive engagement and communications programs are planned, potentially including video.

We collected one case study, however, that stood out for its far more subtle and positive approach. In it, the head of risk at a large organisation with a few thousand staff spread across nine departments said there were a lot of preconceptions and quite a bit of nervousness around the idea of ‘working on risk culture’. This risk manager had therefore developed a different kind of self-assessment tool, which helped participants map their own risk culture using evidence-based attributes. 

At the end of the initial meeting (which took no more than an hour and a half), participants had identified their own areas for improvement and incorporated culture elements into their future risk planning. (Members: access this case study here .)

Sometimes risk managers reach a point where they simply have to be realistic about their resources and prospects for implementing large scale change.

In another example from the Middle East, an expat risk manager found it was a case of trying to move his company’s risk culture at different ‘clock speeds’ across the organisation’s verticals, catering to different levels of appetite, awareness and need for change between delivery teams and the C-Suite. (Members: access this case study here .)

And, finally, sometimes risk managers reach a point where they simply have to be realistic about their resources and prospects for implementing large scale change. If there’s no appetite from the top for a risk culture shift, the risk manager will have an uphill battle. We’ve collected ideas from the former risk leader at a government utility, who devised tactics for embedding changes into existing systems and processes to deliver better risk outcomes for the business. (Members: access these ideas here .)

Measuring, reporting and dashboards

We found that the facet of culture where everybody most wanted to know what everybody else was measuring and what they were doing in terms of reporting and dashboards.

Again, there were a number of different methods shared by our Members and contributors, as well as contrasting views on what actually should be measured.

For example, is it redundant to actually measure ‘risk culture’? After all, isn’t the entire point of improving risk culture to improve risk outcomes? Why not just focus on measuring the risk outcomes, with culture change happening in the background to facilitate? 

Certainly, this was the view of the former risk manager at a prominent United States government organisation, who spoke to us about building up their organisation’s risk capability over several years. (Members: read more on this here .)

Is it redundant to actually measure ‘risk culture’? After all, isn’t the entire point of improving risk culture to improve risk outcomes?

However, others saw value in tracking specific culture metrics, even if these goals were a means to an end. A scorecard or dashboard became a talking point to launch difficult conversations with different managers or executives, and the ability to show progress over time helped maintain momentum and commitment.

Over time, Peter Deans at BOQ developed and refined a ‘basket of risk culture measures’ along the same lines as the consumer price index, which he regularly updated and used to give leadership a ‘big picture view’ of how risk culture was doing.

Other contributing risk managers shared their scorecards and dashboards with us as templates, such as a scorecard example using a traffic light system across nine key risk indicators. We also collected ideas for dashboard metrics and a spreadsheet-based sunburst tool, alongside risk culture pillars.

On a final note, UK risk advisor Danny Wong shared a detailed case study on how to use data to drive an impactful risk narrative. For any risk managers who are striving to bring risk into line with many other functions in contemporary business – such as product development, sales, operations, and others that regularly use data strategically to inform decision making and best practice – this piece is essential reading. (Members: access this piece here .)

Risk Leadership Network’s Intelligence platform – our searchable database of peer-contributed case-studies, tools and templates – delves deeper into risk culture with more on diagnosing culture , addressing culture and ethics , and building a risk culture survey of boards . (Members only)

Are you an in-house risk manager who could benefit from collaborating with a global network of senior risk professionals talk to us about becoming a member today ., related posts you may be interested in.

5 ways to become a better leader in risk culture

There’s no such thing as risk culture, or is there?

Three useful tools to optimise a risk culture review

Get new posts by email.

Risk Advisory

Case studies, government nsw indigenous advisory services risk advisory - case studies.

Case Studies Risk Advisory - Case Studies

Government Risk Advisory Services Fraud and Forensic Services Risk Advisory - Case Studies

Risk Advisory Services Fraud and Forensic Services Risk Advisory - Case Studies Government

Case Studies Risk Advisory - Case Studies Goulburn

CASE STUDIES Case Studies Risk Advisory - Case Studies Environmental, Social and Governance (ESG) Services

Case Studies Risk Advisory - Case Studies Audit and Assurance Case Studies

Case Studies Risk Advisory - Case Studies Consumer Data Right

Get Active in Our Amazing Community of Over 458,000 Peers!

Risk advisory case interview.

Hi everybody,

What kind of cases could come up in a Case Interview for Risk Advisory (in Big 4)? 

Any experience, examples or general tips for the interview?

Thanks in advance!

Overview of answers

• Date ascending
• Date descending

+1 Ian, super helpful list he shared. 

You see that the variety of topics is huge, so you need to be ready for almost anything. In these cases, be sure also to review the “classics”: 

1. Profitability cases- basic profitability framework.

2. Idea generation cases: for any specif issue

3. Growth cases: market penetration, new product launch, product mix change, etc.

4. Pricing cases

5. M&A cases

6. Valuation cases

Feel free to shoot me a message - I've helped a number of candidates recruit successfully for the risk practices in the Big4. But, here's some info below as well.

In general you should expect both a case and a fit/behavioral portion (but double-check with HR). You should be ready for both generalist cases and absolutely prepared for any risk-related case.

Some key topics could be:

• Accounting and Internal Controls
• Cyber and Strategic Risk
• Regulatory and Legal
• Internal Audit
• IT Governance
• Forensic investigations
• Non-financial assurance
• Derivative valuations
• Regulatory Compliance
• Sustainability reports (triple bottom line)
• Treasury management and control
• Internal control framework
• Enterprise risk management
• IT Control design
• Litigation support

What do some case questions look like? Oh, I don't know, just a random guess from the below :)

Please note I worked closely to a Big4 Risk Advisory team (for a couple of years I was setting up the Strategy team for the Advisory Service Line. 

In the Risk Advisory you don't get cases for the interview. You may get technical questions , and you get fit/behavioral questions (in which I can help extensively).

So don't waste your time preparing for strategy-style interviews, and focus on technical/job related questions and fit questions.

Related Products

Premium membership (1 week).

• ALL the resources you need for your case interview preparation
• Unlimited meetings with peers
• Access to #number-of-cases# cases, video tutorials, and 220+ case interview exercises

Break Into Consulting - Strategy Consulting Firm's All-In-One by Alexandre

• Created by 2 BCG consultants
• Covers most strategy consulting firms
• Get you to the backstage of the strategy world

Break Into Consulting - Industry Overviews by Alexandre

• 15+ industries covered
• Practical tips to master any industry

Premium Membership (6 weeks)

Related articles, big 4 differences, top consulting firms, the differences between mbb and the big four, what does a management consultant do at deloitte, pwc, kpmg and ey, related cases.

MBB Final Round Case - Smart Education

Espresso, Whatelse?

McKinsey Digital / BCG Platinion: Oil & Gas Upstream Technology

Bain 1st round case – blissottica, bain + bcg - hot wheels with video solution, related case interview basics article(s), how to start the case interview preparation.

Learn the basics of a real consulting case interview and repeatedly train the skills you need to ace your real case interview at MBB or the Big Four.

Discover the secrets to Goal setting, Reality checking, Options exploring, and Way forward planning that will redefine your path to success.

Similar Questions

Mistakes in mckinsey interview, clarifying ban periods at consulting firms, greenfield cases.

• Select category
• General Feedback
• Case Interview Preparation
• Technical Problems

Increasing Value and Resilience Through Project Risk Management: A Case Study in the IT Consulting Sector

• First Online: 19 March 2024

Cite this chapter

• Raffaele Testorelli 3 ,
• Anna Tiso 3 &
• Chiara Verbano 3  

Part of the book series: Management for Professionals ((MANAGPROF))

175 Accesses

In the current dynamic and uncertain business environment, small- and medium-sized enterprises (SMEs) are struggling to enhance their ability to adapt and resist to the changes while pursuing their strategic objectives. In particular, projects are gaining a crucial role for companies’ success, as the main vehicles for managing change and creating innovation. Consequently, Project Risk Management (PRM) is a widely used approach to foster the effect of positive events opportunities while mitigating those related to negative ones, with the final aim of creating value and resilience. For these reasons, there is growing interest in PRM as a value generation process for multiple project stakeholders. This research presents a case study conducted in an SME based in Italy and operating in the information technology (IT) consulting sector, addressing the literature gaps about the creation of value through PRM. From an academic perspective, it provides an overview of the topic, proposing a framework for the analysis of the relationships between the characteristics of the context, the PRM system implemented, and the value generated. Moreover, it supports practitioners with a new measurement system for the value generated through PRM and with guidelines to enhance value generation and resilience.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

• Available as PDF
• Read on any device
• Instant download
• Own it forever
• Available as EPUB and PDF
• Durable hardcover edition
• Dispatched in 3 to 5 business days
• Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Ahmadi-Javid, A., Fateminia, S. H., & Gemünden, H. G. (2020). A method for risk response planning in project portfolio management. Project Management Journal, 51 , 77–95. https://doi.org/10.1177/8756972819866577

Article   Google Scholar  

Andersen, E. S. (2014). Value creation using the mission breakdown structure. International Journal of Project Management, 32 , 885–892. https://doi.org/10.1016/j.ijproman.2013.11.003

Andersen, E. S. (2016). Do project managers have different perspectives on project management? International Journal of Project Management, 34 , 58–65. https://doi.org/10.1016/j.ijproman.2015.09.007

Bakker, R. M. (2010). Taking stock of temporary organizational forms: A systematic review and research agenda. International Journal of Management Reviews, 12 , 466–486. https://doi.org/10.1111/j.1468-2370.2010.00281.x

Besner, C., & Hobbs, B. (2012). The paradox of risk management: A project management practice perspective. International Journal of Managing Projects in Business, 5 . https://doi.org/10.1108/17538371211214923

Borge, D. (2002). The book of risk . Wiley.

Google Scholar  

Branzei, O., & Abdelnour, S. (2010). Another day, another dollar: Enterprise resilience under terrorism in developing countries. Journal of International Business Studies, 41 (5), 804–825. https://doi.org/10.1057/jibs.2010.6

Buganová, K., & Šimíčková, J. (2019). Risk management in traditional and agile project management. Transportation Research Procedia, 40 , 986–993. https://doi.org/10.1016/j.trpro.2019.07.138

Chroust, G., & Aumayr, G. (2017). Resilience 2.0: Computer-aided disaster management. Journal of Systems Science and Systems Engineering, 26 , 321–335. https://doi.org/10.1007/s11518-017-5335-7

Conroy, G., & Soltan, H. (1998). ConSERV, a project specific risk management concept. International Journal of Project Management, 16 , 353–366. https://doi.org/10.1016/S0263-7863(98)00012-X

Crispim, J., Silva, L. H., & Rego, N. (2019). Project risk management practices: The organizational maturity influence. IJMPB, 12 , 187–210. https://doi.org/10.1108/IJMPB-10-2017-0122

Dahlberg, R. (2015). Resilience and complexity: Conjoining the discourses of two contested concepts. Culture Unbound: Journal of Current Cultural Research, 7 , 541–557. https://doi.org/10.3384/cu.2000.1525.1572541

de Bakker, K., Boonstra, A., & Wortmann, H. (2010). Does risk management contribute to IT project success? A meta-analysis of empirical evidence. International Journal of Project Management . Elsevier Ltd and IPMA , 28 (5), 493–503. https://doi.org/10.1016/j.ijproman.2009.07.002

de Camprieu, R., Desbiens, J., & Feixue, Y. (2007). “Cultural” differences in project risk perception: An empirical comparison of China and Canada. International Journal of Project Management, 25 , 683–693. https://doi.org/10.1016/j.ijproman.2007.07.005

de Carvalho, M. M., & Rabechini Junior, R. (2015). Impact of risk management on project performance: The importance of soft skills. International Journal of Production Research, 53 (2), 321–340. https://doi.org/10.1080/00207543.2014.919423

Dey, P. K. (2012). Project risk management using multiple criteria decision-making technique and decision tree analysis: A case study of Indian oil refinery. Production Planning and Control, 23 , 903–921. https://doi.org/10.1080/09537287.2011.586379

Durst, S., Bruns, G., & Henschel, T. (2018). The management of knowledge risks: What do we really know? In Global business expansion: Concepts, methodologies, tools, and applications (pp. 258–269). IGI Global.

Chapter   Google Scholar  

Elkington, P., & Smallman, C. (2002). Managing project risks: A case study from the utilities sector. International Journal of Project Management, 20 , 49–57. https://doi.org/10.1016/S0263-7863(00)00034-X

European Standard 12973. (2000). Value management.

European Standards 12973. (2000). EN 12973.

Fitsilis, P. (2008). Comparing PMBOK and agile project management software development processes. Advances in Computer and Information Sciences and Engineering , 378–383. https://doi.org/10.1007/978-1-4020-8741-7_68

Geraldi, J. G., Lee-Kelley, L., & Kutsch, E. (2010). The Titanic sunk, so what? Project manager response to unexpected events. International Journal of Project Management, 28 , 547–558. https://doi.org/10.1016/j.ijproman.2009.10.008

Henschel, T., & Durst, S. (2016). Risk management in Scottish, Chinese and German small and medium-sized enterprises: A country comparison. International Journal of Entrepreneurship and Small Business, 29 (1), 112–132.

Henschel, T., & Lantzsch, A. D. (2022). The relationship between ERM and performance revisited: Empirical evidence from SMEs. In Risk management: Insights from different settings (pp. 95–113). Springer.

ISO 31000. (2018). International Organization for Standardization: Geneva, Switzerland.

Javani, B., & Rwelamila, P. M. D. (2016). Risk management in IT projects – A case of the South African public sector. International Journal of Managing Projects in Business, 9 , 389–413. https://doi.org/10.1108/IJMPB-07-2015-0055

Jiang, J. J., & Klein, G. (2001). Software project risks and development focus. Project Management Journal, 32 , 4–9. https://doi.org/10.1177/875697280103200102

Jun, L., Qiuzhen, W., & Qingguo, M. (2011). The effects of project uncertainty and risk management on IS development project performance: A vendor perspective. International Journal of Project Management, 29 , 923–933. https://doi.org/10.1016/j.ijproman.2010.11.002

Keeney, R. L., & Raiffa, H. (1993). Decisions with multiple objectives – Preferences and value tradeoffs . Cambridge University Press.

Book   Google Scholar  

Kutsch, E. (2008). The effect of intervening conditions on the management of project risk. International Journal of Managing Projects in Business, 1 (4), 602–610. https://doi.org/10.1108/17538370810906282

Laursen, M., & Svejvig, P. (2016). Taking stock of project value creation: A structured literature review with future directions for research and practice. International Journal of Project Management, 34 , 736–747. https://doi.org/10.1016/j.ijproman.2015.06.007

Lepak, D. P., Smith, K. G., & Taylor, M. S. (2007). Value creation and value capture: A multilevel perspective. Academy of Management Review, 32 , 180–194. https://doi.org/10.5465/AMR.2007.23464011

Linnenluecke, M. K. (2017). Resilience in business and management research: A review of influential publications and a research agenda. International Journal of Management Reviews, 19 (1), 4–30. https://doi.org/10.1111/ijmr.12076

Marle, F. (2020). An assistance to project risk management based on complex systems theory and agile project management. Complexity . https://doi.org/10.1155/2020/3739129

Mendelow, A. (1991). Stakeholder mapping. In Proceedings of the 2nd international conference on information systems .

Mitchell, R. K., Agle, B. R., & Wood, D. J. (1997). Toward a theory of stakeholder identification and salience: Defining the principle of who and what really counts. The Academy of Management Review, 22 , 853–886. https://doi.org/10.2307/259247

Morris, P. (2013). Reconstructing project management . Wiley Blackwell.

Muhammedamin, H., Hagelaar, G., van der Velde, G., & Omta, S. W. F. (2021). Conceptualization of SMEs’ business resilience: A systematic literature review. Cogent Business & Management, 8 (1). https://doi.org/10.1080/23311975.2021.1938347

Murray-Webster, R., & Simon, P. (2006). Making sense of stakeholder mapping . PM World Today Tips and Techniques.

PMI. (2013). A guide to the project management body of knowledge (PMBOK guide) (5th ed.). PMI.

PMI. (2017). A guide to the project management body of knowledge (PMBOK guide) (6th ed.). PMI.

Qazi, A., Quigley, J., Dickson, A., & Kirytopoulos, K. A. (2016). Project Complexity and Risk Management (ProCRiM): Towards modelling project complexity driven risk paths in construction projects. International Journal of Project Management, 34 , 1183–1198. https://doi.org/10.1016/j.ijproman.2016.05.008

Quartermain, M. (2002). Value engineering. In Management A.f.P (Ed.), Project management pathways . Association for Project Management.

Radner, R., & Shepp, L. (1996). Risk vs. profit potential: A model for corporate strategy. Journal of Economic Dynamics and Control, 20 , 1373–1393. https://doi.org/10.1016/0165-1889(95)00904-3

Raz, T., & Michael, E. (2001). Use and benefits of tools for project risk management. International Journal of Project Management, 19 , 9–17. https://doi.org/10.1016/S0263-7863(99)00036-8

Sanchez, H., Robert, B., Bourgault, M., & Pellerin, R. (2009). Risk management applied to projects, programs, and portfolios. International Journal of Managing Projects in Business, 2 , 14–35. https://doi.org/10.1108/17538370910930491

Scholz, R. W., & Tietje, T. O. (2002). Embedded case study methods: Integrating quantitative and qualitative knowledge . SAGE.

Serpell, A. F., Ferrada, X., & Rubio, L. (2019). Measuring the performance of project risk management: A preliminary model. Organization, Technology and Management in Construction: an International Journal, 11 , 1984–1991. https://doi.org/10.2478/otmcj-2019-0005

Serra, C. E. M., & Kunc, M. (2015). Benefits realisation management and its influence on project success and on the execution of business strategies. International Journal of Project Management, 33 , 53–66. https://doi.org/10.1016/j.ijproman.2014.03.011

Shenhar, A., Dvir, D., Levy, O., & Maltz, A. (2001). Project success: A multidimensional strategic concept. Long Range Planning, 34 , 699–725. https://doi.org/10.1016/S0024-6301(01)00097-8

Shimizu, T., Won Park, Y., & Hong, P. (2012). Project managers for risk management: Case for Japan. Benchmarking: An International Journal, 19 (4/5), 532–547. https://doi.org/10.1108/14635771211257990

Sommer, S., & Loch, C. (2003). Incomplete incentive contracts under ambiguity and complexity. SSRN Electronic Journal . https://doi.org/10.2139/ssrn.452521

Taleb, N. N. (2012). Antifragile: Things that gain from disorder . Random House Publishing Group.

Tavares, B. G., da Silva, C. E. S., & de Souza, A. D. (2019). Risk management analysis in Scrum software projects. International Transactions in Operational Research, 26 , 1884–1905. https://doi.org/10.1111/itor.12401

Testorelli, R., & Verbano, C. (2020). Value creation with project risk management: A systematic literature review. In Business theory and practice across industries and markets, EuroMed academy of business conference book of proceedings (pp. 1399–1404).

Testorelli, R., & Verbano, C. (2022). An empirical framework to sustain value generation with project risk management: A case study in the IT consulting sector. Sustainability, 14 , 12117.

Tognazzo, A., Gubitta, P., & Favaron, S. D. (2016). Does slack always affect resilience? A study of quasi-medium-sized Italian firms. Entrepreneurship and Regional Development, 28 (9–10), 768–790. https://doi.org/10.1080/08985626.2016.1250820

Turner, R., Ledwith, A., & Kelly, J. (2010). Project management in small to medium-sized enterprises: Matching processes to the nature of the firm. International Journal of Project Management, 28 , 744–755. https://doi.org/10.1016/j.ijproman.2010.06.005

Voss, C., Tsikriktsis, N., & Frohlich, M. (2002). Case research in operations management. International Journal of Operations & Production Management, 22 , 195–219. https://doi.org/10.1108/01443570210414329

Wallace, L., Keil, M., & Rai, A. (2004). Understanding software project risk: A cluster analysis. Information & Management, 42 , 115–125. https://doi.org/10.1016/j.im.2003.12.007

Williams, N., Vorley, T., & Ketikidis, P. H. (2013). Economic resilience and entrepreneurship: A case study of the Thessaloniki City Region. Local Economy, 28 (4), 399–415.

Willumsen, P., Oehmen, J., Stingl, V., & Geraldi, J. (2019). Value creation through project risk management. International Journal of Project Management, 37 , 731–749. https://doi.org/10.1016/j.ijproman.2019.01.007

Winter, M., Smith, C., Morris, P., & Cicmil, S. (2006). Directions for future research in project management: The main findings of a UK government-funded research network. International Journal of Project Management, 24 , 638–649. https://doi.org/10.1016/j.ijproman.2006.08.009

Yeo, K. T., & Ren, Y. (2009). Risk management capability maturity model for complex product systems (CoPS) projects. Systems Engineering, 12 , 275–294. https://doi.org/10.1002/sys.20123

Yin, R. K. (2013). Case study research: Design and methods (5th ed.). SAGE.

Download references

Acknowledgments

The authors gratefully acknowledge the Grant VERB_SID19_01 funded by the University of Padova.

Author information

Authors and affiliations.

University of Padova, Padua, Italy

Raffaele Testorelli, Anna Tiso & Chiara Verbano

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Raffaele Testorelli .

Editor information

Editors and affiliations.

Business and Economics, Reykjavík University, Reykjavik, Iceland

Susanne Durst

Faculty of Business and Law, HTW Berlin – University of Applied Science, Berlin, Berlin, Germany

Thomas Henschel

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Testorelli, R., Tiso, A., Verbano, C. (2024). Increasing Value and Resilience Through Project Risk Management: A Case Study in the IT Consulting Sector. In: Durst, S., Henschel, T. (eds) Small and Medium-Sized Enterprise (SME) Resilience. Management for Professionals. Springer, Cham. https://doi.org/10.1007/978-3-031-50836-3_13

Download citation

DOI : https://doi.org/10.1007/978-3-031-50836-3_13

Published : 19 March 2024

Publisher Name : Springer, Cham

Print ISBN : 978-3-031-50835-6

Online ISBN : 978-3-031-50836-3

eBook Packages : Business and Management Business and Management (R0)

Share this chapter

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

• Publish with us

Policies and ethics

• Find a journal
• Track your research

Risk Management Framework of a Renewable Energy Platform

November 10, 2021

Our team of experts assisted a leading global renewable energy platform (the “Company”) in developing its risk management framework and establishing a new comprehensive hedging program.

The Company is a renewable energy infrastructure owner, developer and manager (e.g., solar and wind energy production and energy storage). As a firm operating globally and requiring significant financing, the Company is exposed to foreign exchange (“FX”) and interest rate (“IR”) risks, which were managed on an ad-hoc basis.

The Company had just received a large investment from a leading private equity firm (the “PE Firm”) and hired FTI to upgrade its operations ahead of its next growth phase. As part of its advisory work, FTI Consulting was tasked with designing the Company’s new FX and IR risk management and hedging framework.

Our team of experts reviewed the Company’s existing hedging strategies, governance, and risk controls. We assessed the effectiveness of legacy strategies and potential risk exposures derived from its unhedged positions.

Based on its review, we defined a comprehensive updated hedging framework and drafted an updated risk management policy following industry best practices and meeting the company’s objectives. As part of this framework, the team:

• Evaluated the types of derivatives appropriate for hedging FX and IR exposure that were suitable with the Company’s risk appetite and capital efficiency requirements;
• Constructed a flexible policy to accommodate future business growth and upcoming changes to include a mix of permanent financing through a multi-currency “warehouse” financing facility and project specific term loan financing;
• Identified appropriate lines of authority and governance to manage the hedging activities.

Leveraging our proprietary risk management system, FTI Quantum, we constructed a customized derivatives hedging strategy based on the Company’s current exposures and business forecast.

Key Contacts

Franck Risler, Ph.D.

Senior Managing Director, Leader of Securities, Commodities and Derivatives

• Download Case Study

Sign up to get access to FTI Consulting Insights

Marsh.com Sign in

Please sign in to access the full marsh.com site.

Click  here  to sign in as colleague

Risk Consulting

Managing risk in today's environment is complex..

It becomes even more complicated when global events such as pandemics, cyberattacks, geopolitical upheavals, or supply chain disruptions affect not only your business and employees, but also your customers, suppliers, and the economies in which you operate.

Faced with more frequent and unpredictable risks, leaders feel pressure from their boards, investors, customers, and regulators to better anticipate and minimize the impact of risks on their business’ bottom line and operations. This is more challenging than ever, as the risks of today and tomorrow are more difficult to identify, understand, quantify, and manage.

Marsh’s Advisory Consulting Solutions team helps you continually uncover insight into the most pressing business risks — and build roadmaps for better outcomes. Our team works closely and collaboratively with you to implement changes that impact financial improvement, helping you manage volatility while enhancing your risk management culture and, ultimately, bottom line. Combining specialized expertise and advanced analytics, we enable businesses to spot emerging opportunities with confidence.

We are your trusted partner as you adopt and implement new strategies to help reduce risk exposure, improve profitability, and strengthen organizational resilience.

The Global Risks Report

The top risks for 2024 and beyond. Data and insights from more than 1,400 global experts and leaders.

Our expertise

• Enterprise Risk and Resilience
• Property Consulting
• Casualty Consulting
• Strategic Risk Consulting
• Governance, Risk, and Compliance

Featured insights

Business Continuity Management: How to boost its effectiveness

Marsh can help your organization improve existing risk management processes and business continuity plans for enhanced agility and resilience during crises.

Actuarial considerations within a UK captive regime

Actuarial considerations are important for a potential UK captive regime, which would enhance the country's position in the insurance market.

Six reasons why you use an Insurance Broker

Understanding the value of working with a trusted insurance broker. The importance of being risk aware and how a broker can help identify gaps in your cover to protect your business for growth.

Learn more about Marsh’s other Advisory capabilities

We act as a trusted partner in the face of change, helping clients better anticipate future challenges and capitalize on emerging opportunities through proactive risk advice that builds resilience and confidence.

Case studies

Addressing physical and psychosocial risks

Marsh’s Advisory Workforce Strategies team developed a bespoke audit tool, covering physical and psychosocial risk management to assist with understanding and managing psychosocial risks and complying with new legislation.

Navigating earthquake risk for a Pacific port

Marsh’s Advisory Property Risk Solutions team undertook a comprehensive earthquake analysis using our natural catastrophe specialists to assess the client’s earthquake risk, evaluate the adequacy of current insurance arrangements and support negotiations with key stakeholders using objective analysis of the risk.

Building a resilience plan for a Rental company

A UK-based rental company experienced record growth during the COVID-19 pandemic. But with no centralized resilience strategy, the firm was exposed to a high level of disruption.

What is risk consulting?

Essentially, a risk advisor learns about the pressures, risks and opportunities surrounding your specific business and the wider market. Everything from political risk to financial crime is analyzed in the right perspective, showing how it may affect what you do. Research and analysis of critical data is a major element of risk advisory services, but so is deep industry knowledge, as well as the ability to collect and draw insights from complex information. It is essential for organizations hoping to anticipate and mitigate risk and develop risk management strategies in the face of turbulence. You can plan ahead for risk.

Why do businesses need risk consulting services?

The best risk consultants are a trusted advisor, helping you develop risk strategy unique to your industry and specific business goals. We leverage proven methodologies and models built on what we’ve been learning for many decades. Therefore, you have a confident response to the rich, ever-changing variables that affect business around the globe. It’s not just about managing and recuperating the cost of risks, but preventing them from ever happening – and turning them to your advantage to advance profit, capital, and innovation opportunities.

With our assistance, you’re able to:

• Make smarter decisions: Our risk consultants have a deep understanding of the type of risks you may encounter, such as the industry or political risk, based on a significant amount of trend and data analysis. In addition, we are embedded within regions ourselves for even sharper insights. We’ve developed extensive risk mitigation and management strategies, helping our clients plan for unforeseen events.
• Effectively communicate risk goals and strategies: Getting everyone on the same page is crucial for risk management to launch and thrive. We can help you facilitate an ongoing conversation between key stakeholders, so you have buy-in and a shared realistic understanding of the outcomes you are working towards.
• Increase productivity: Many risk departments are being forced to do more with less. Risk consultants can extend your team, scaling up or down with business needs. We also allow you to tap into a pool of highly specialists that may be needed for a specific situation or challenge.
• Improve operations: We can work with you to build proactive business risk management processes and practices, thereby reducing and preventing the chance of business interruption. We conduct a full audit of risk management processes, assessing gaps and streamlining changes. This can reduce compliance risk that could result in fines or criminal charges.

What areas does risk consulting typically cover?

Typically, we look at an enormous range of risk – from enterprise risk management to specialist financial, manufacturing, supply, software, and environmental concerns. Thanks to our size and global reach, Marsh has wide ranging solutions to counter risk at every turn. Yet some of our more persistent areas of attention include:

• Property engineering and loss control
• Valuation services
• Property risk modeling
• Risk quality assessment
• Risk management and claims advocacy
• Casualty risk
• Workforce solutions
• Employee management
• Workers compensation
• Regulation and compliance issues
• Health and safety consulting
• Loss prevention and mitigation
• Cybersecurity
• Enterprise risk management
• ESG risk management
• Supply chain
• Business continuity management
• Crisis management
• Claims management
• Captives management

What are the benefits of risk consulting?

With risk consulting services, you can have peace of mind that your approach to evaluating and managing risk is built upon best practices and proven methodologies – and by specialists who understand your industry and challenges. A risk advisor can make it easier for you to dive further into your risks and use these insights to your advantage. Here are a few of the many potential benefits of risk consulting:

• Make informed decisions: A risk consultant understands the types of risks that can impact your business, studies the latest risk trends and data affecting your industry, and has experience developing mitigation and management strategies and plans. This knowledge puts you in a better position to plan for unforeseen events and advise your business on optimal risk management strategies.
• Effectively communicate risk goals and strategies: Risk management and mitigation starts with conversing about the problem and potential solution. Hiring a risk advisor means getting involved in an ongoing conversation that puts your entire team on the same page and makes it easier to work together to form a solution.
• Increase productivity: Many risk departments are being forced to do more with less. Risk consultants can act as an extension of your team and give you the ability to scale up or down based on your business needs.
• Improve operations: Risk consultants can audit your existing risk management processes, identify inefficiencies, and create plans to streamline them.

Other benefits include meeting compliance requirements, making operational improvements, and more. 

Global leadership

Giampaolo Scarso

International Leader, Marsh Advisory

Richard Baudin

International Specialties Advisory Practice Leader

Stephen McKay

Property Consulting Leader, Marsh Advisory

Contact us to get in touch with an industry or risk subject matter expert, learn more about a specific solution or submit a sales/RFP inquiry.

Case Study - Corporate Investigation and Risk Consulting Firm

Corporate investigation and risk consulting firm, the challenge.

Our client needed to build two teams of financial compliance subject-matter experts to help their client respond to a multitude of regulatory demands. The teams would ultimately be tasked with combing through a high volume of consumer transaction data looking for abnormalities, red flags and other relevant financial services information. The challenge: The teams needed to be familiar with the particular software that the client was using or be able to get up to speed quickly.

The Solution

Having worked with MLA Interim Legal Talent before, our client knew we would be able to identify talented compliance experts who could hit the ground running. They also knew they would receive stellar support from the MLA Interim team to ensure a smooth and compliance on-boarding integration and engagement process.

Our client needed the teams in place within two weeks. We were able to lean on our deep network of lawyers to screen and place 22 compliance experts and have them supporting our client’s client within a month’s time. The chosen consultants were technologically savvy and able to not only manage the IT aspects of the project but also review transactions and synthesize information from other sources to render judgement on certain transactions / users of their underlying client’s exchange system.

The Results

Because we were able to move quickly, MLA Interim helped our client display the depth and agility that makes them an outstanding partner to their clients. They were able to explore a new way to make their consulting engagements scalable while also making their client happy.

By using interim legal talent, you can take the time to carefully consider direct placement hiring options and find an excellent candidate while getting the work done in the meantime.

Need time to figure out the right structure of your legal team before making permanent hires? Take that time and still get the work done with the support of consulting attorneys.

Our client was using an AmLaw 50 firm to handle IT vendor contracts. Recognizing the significant expenses associated with using traditional outside legal counsel, our client sought a more cost-effective approach to meet their legal needs without compromising on quality or expertise.

• +61 (0) 450610672 (Australia)
• +44 (0) 7710194472 (London)
• [email protected]

CASE STUDIES

Operational risk management, client requirement:.

To undertake a firm wide review the existing risk management practices and:

• Enhance the existing risk management framework (processes, procedures and policies)
• Review all management risk reporting processes and enhance/optimise where possible to meet best practice and regulatory requirements
• Enhance the firm’s risk management culture and employee buy-in to risk management practices.

GRC Approach:

GRC’s approach was to quickly gain an understating of the firms business model and operational landscape through one on one interviews with a number of key stakeholders in each business unit

• Undertake a high level risk assessment across the business and with some of the company’s portfolio companies (investees)
• Review and gap assess all components of the Company’s risk existing risk management framework, processes, procedures and risk reports
• Make a series of recommendations for improvement, outlining key benefits vs costs and risks
• Seek buying from key internal stakeholder such as COO, CFO, Partners, Head of Compliance, General Counsel (US & UK)
• Develop a project plan to deliver the proposed enhancements throughout each quarter aligned to key benefits that could be tracked when realised.

After a year of delivery both remotely and at the client’s Mayfair office, GRC had successfully:

• Restructured the company’s risk management framework to meet global best practice and to meet the FCA’s domestic requirements
• Developed and embedded a formal Three Lines of Defence approach to risk management within the company
• Drafted and had approved by the Board formal terms of reference for: Board, Group and Operational Risk, Valuation Committee, Exco Committees
• Developed risk based/structured Operational and Group Risk reports
• Developed risk based MI reports for the Board and key Chaired the Operational Risk Committee
• Restructured the key risk reports and risk MI to ensure accurate reporting to the key stakeholders
• Restructured the company’s three risk registers into a signal Group risk register, that structured around a board approved risk taxonomy
• Designed, developed and had approved a formal risk taxonomy
• Developed a methodology for carrying out ‘deep dive’ risk assessments with business units and aggregating risks into the group register
• Developed a number of key risk related polices including: Risk Management and Critical Outsourcing/Vendor Management
• Developed and delivered a number risk management educational/training/mentoring sessions.

Review the banks Operational Risk Management Framework and improve where required in line with best practice in preparation for change in ownership.

• Information Gathering:  Interviews with key stakeholders
• Data Consolidation and Problem Identification:  Review and consolidate data to identify key areas of concern / problems.
• Gap Analysis:  Carry out detailed gap analysis of existing framework (structure, processes and procedures) against best practice (COSO2, Basel 2/3, ISO31000).
• Findings Validation:  Validate findings with key Stakeholders.
• Delivery Plan Development:  Develop project plans to remediate and improve problem areas identified.
• Progress Reporting:  Report on progress, problems and successes. Delivery managed within a formal project risk management approach.
• Identified a number of areas for improvement, particularly in relation to risk and issues data quality – non compliance with current and future regulations (Basel 2/3, ICAAP, IT Risk Management process, BSCB239).
• Gaps in formal process for risk data aggregation and Issue management.
• Lack of integration of IT risk assessment results into Group Operational Risk register.
• Development of consistent risk evaluation and reporting data set (Key Data Elements – KDEs).
• Structuring of risk reporting formats for internal Committees (Op Risk, Board Risk, Exco) and external stakeholders (RBS, regulators).
• Risk identification and awareness workshops.
• Improvement of the risk data capture process.
• Improvement of the RCSA process.
• Enhancement of the GRC data capture tool – to better capture, consolidate and report risk data.
• Development of a formal architecture to meet BCSB239 requirement.
• Undertake an assessment of Internal Capital Adequacy, write and submit to the regulator an annual ICAAP submission.
• Develop a process that could be replicated across the Group to complete ICAAP submissions in a consistent way annually.
• Background / information gathering:  Interviews with key stakeholders, across domestic and international entities.
• Gap analysis:  Carry out detailed gap analysis of Dutch and UK regulatory requirements and existing internal processes.
• Process development:  Develop ICAAP and adapt to the organisation’s structure.
• Stakeholder analysis:  Determine who the key stakeholders were in order to conduct the risk evaluation workshops, and approval of collected data.
• Risk assessments:  Conduct detailed risk assessment across all key business units and critical processes (structured interviews).
• Develop Risk Scenarios:  Develop a series of risk impact scenarios to help define the potential risk impact probability and cost.
• Data consolidation and exposure calculation:  Consolidate the obtained data and model the potential frequency and cost of potential scenarios.
• Organise and run scenario validation workshops:  Plan and run a series of scenario validation workshops with identified key stakeholders.
• Findings validation:  Validate findings (risk, gaps & improvement actions) with key Stakeholders.
• Regulator discussions and approval:  Frequent discussions with local regulator in relation to ICAAP results.
• ICAAP submission drafting:  Write formal ICAAP submission using validated workshop findings.
• Formal ICAAP Submission Approval:  Seek formal approval of ICCAP data and draft submission document.
• Compliance with regulatory requirements.
• Improved understanding of the need for risk management across the group.
• Improved, repeatable ICAAP development process.
• Developed ICAAP data library and use process.
• More confident management.
• More confident regulator as to the robustness and sustainability of the company.

Assess and improve the IT Risk Management process to meet best practice and help improve risk management effectiveness within a multi-billion euro change program of work (Run the Bank / Change the Bank).

• Background / Information Gathering:  Discussions with key stakeholders to identify, what works, what doesn’t, and required improvements.
• Gap Analysis:  Conducted formal gap analysis (against regulatory requirements (Basel2/3, COSO2, ITIL, COBIT5).
• Risk Assessments:  Conducted a number of risk assessment workshops to understand process and gaps on key projects, locally and internationally.
• Results Consolidation:  Consolidated / aggregated results.
• Findings Presentation:  Presented findings to key stakeholders and made recommendations for improvements.
• Project Planning:  Developed program plan to implement improvement actions.
• Policy Review:  Reviewed and gap assessed a number of key policies.
• Reengineered the IT / Operational risk management processes and risk register data capture investigative question sets. Resulting in more efficient framework processes. More accurate & meaningful data. More effective management reporting.
• Aligned and integrated the IT risk taxonomy with Basel 2 risk types for operational risk classification.
• Improved understanding of risk management use and process.
• Identification of the fact that there were too many similar processes operating at different levels within the Bank and that there was significant data duplication that contributed to the operational risk – poor management, duplicated effort, confusion, inaccurate reporting.
• Delayered & consolidated a number of redundant / duplicated risk management processes.
• More accurately defined IT risks, that clearly articulated the inherent exposure and its impact on the banks operational processes.
• More efficient and effective mitigation actions – to reduce the identified risk exposures.
• Better informed stakeholders and management.

Review current operational risk management framework, gap identification, make recommendations for improvement. Key considerations: ensure risk management practices are embedded within the business and management are conforming to risk management practices / culture. Be able to:

• Provide the Board and senior management with an accurate risk profile of the business.
• Provide the Board with assurance that effective risk controls where operating.
• Risk Maturity Assessment:  Reviewed the maturity of the current risk management framework and process – via stakeholder interviews.
• Gap Analysis (against best practice):  Benchmarked the current risk management framework structure and processes against industry best. practice and identified areas for improvement.
• Detailed Risk Assessment:  Detailed risk assessment undertaken across entire business with key stakeholders. Data consolidation undertaken, and key risks and controls presented to the board and management.
• Risk Culture Assessment:  Carried out assessment of risk culture to determine stakeholder knowledge levels and attitudes to risk ownership’ Recommendations for improvement and delivery plan developed.
• Framework Development:  Development of all framework components (processes, procedures & policies), where gaps and improvement actions identified. Including risk appetite and tolerance statements and metrics.
• Framework Documentation:  Development / enhancement of all framework documentation (processes, policies & training material).
• Training and Awareness:  Developed and delivered formal risk management training for a range of stakeholders (Board members, senior managers, & suppliers).
• Stakeholder Communication:  Developed consistent stakeholder communication in relation to the to the rolling out of the framework and ensuring that key partners and stakeholders, understood need to use and complied.
• Risk Profile:  Company’s risk profile developed, refined and keys risks communicated to risk owners and management.
• Risk Appetite / Tolerance:  Risk Appetite and Tolerance parameters and statements developed and agreed by the Board.
• Greatly improved risk management processes. Increased understanding of importance of risk management.
• More confident and engaged workforce.

Review the existing payments services business in line with PSD2 regulations.

• Annual assessment of the adequacy and effectiveness of policies and procedures in place
• Implemented appropriate procedures to mitigate the internal and external financial crime risk trends
• Developed new risk scoring based on the Wolfsburg principles for the AML controls
• Reviewed the reporting and escalation procedure of the significant financial crime risk issues and exceptions
• Supported the AML teams’ reviews across the business and confirming all risks are dealt with appropriately
• Managed the monitoring of FCC indicators
• Audit Framework:  Establishment of the framework for annual assessment of financial crime compliance policies and procedures
• Wolfsburg principles  adopted, and associated controls implemented
• Audit maturity level:  Complimented with the maturity matrix showcasing the maturity level of the Financial Crime Compliance
• Compliance monitoring  streamlined and put to effective operation
• Financial crime risk trends:  Instances of internal collusion eradicated, KRIs reported against the baseline. Procedures and controls put in place to identify and manage external financial crime risk trends

Review the existing payments services business in line with PSD2 regulations

• Responsible for developing the PSD2 gap assessment report
• Evaluated the existing policies, procedures and systems/controls to advise appropriate action plans to comply to PSD2
• Suggested the complaints handling procedure changes per the regulatory standards
• Risk assessed the two factor authentication requirements to identify the system level changes required
• Detailed the new reporting requirements
• Articulated the key requirements in business continuity and disaster recovery policies, procedures, systems and controls
• Business Impact Assessment:  Detailed report on as-is to expected practices in all the PSD2 required disciplines. Rapidly adaptable proven recommendations that addresses the gaps identified to become PSD2 compliant
• Policies, Procedures, Systems and Controls:  360-degree assessment that helped the client to see their current position in existing policies, procedures and systems/controls, and advising appropriate action plans for the required improvements
• Complaints Handling:  Design strategy and planning to implement the necessary changes in complaints handling procedures and associated operational changes
• Strong Authentication:  Recommendations on system level changes towards implementing strong authentication and dynamic linking of the payment transactions
• BCP and DR:  Plausible scenarios identified, and appropriate mitigation strategies and planning put in place to address the BC/DR situation should the need arise. Witnessed the implementation of the required changes in BCP & DR policies, procedures, systems and controls
• New reporting and Notification requirements:  Articulated the new reporting obligations and assisted the client to formulate required procedures and controls to implement them
• Operational and Security Risks : Assisted the client for establishing a robust risk management framework that focusses on security measures to mitigate the operational and security risks. The framework addressed right from the governance arrangements to identification of risks and their assessment, to data protection and detection of the risks and subsequently addressing the business continuity arrangements.

Assist with the FCA application submission process to register as an API for performing Payment Initiation Service

• Responsible for guiding and supporting with the application submission process
• Assisted with the business and marketing plan
• Conducted workshops to identify and articulate how the firm is structurally organised, what are the governance arrangements and internal control mechanisms in place, how the firm manage and report fraud and security related customer complaints
• Interpreted the requirements on how the firm intend to protect sensitive payment data, business continuity and disaster recovery arrangements
• Reviewed the security policy document to confirm it demonstrates the operational and security risk management framework in place
• Reviewed the anti-money laundering and terrorist financing policy that articulates the detailed risk assessment, with associated systems and controls, the officer responsible for reporting suspicious activities to national crime agency
• Provided guidance to calculate the required amount for professional indemnity insurance
• Governance arrangements and internal control mechanisms:  Risks identified and mapped for all the business units and at the corporate level. Appropriate governance arrangements witnessed incorporating various committees for approval of capital, strategy, design and execution.
• Fraud and security related customer complaints:  Helped the client to distinguish between the customer complaints raised for security incidents and other customer complaints. Articulated how the existing framework can be utilised for fraud scenarios by creating a subset of risks relevant to security and vulnerability to fraud.
• BCP and DR:  Assisted the client to articulate various plausible scenarios that can disrupt the business and appropriate mitigation strategies and planning put in place to address the BC/DR situation should the need arise. Assisted the client to incorporate the required changes in BCP & DR policies, procedures, systems and controls
• Security policy:  Assisted the client for establishing a robust operational and security risk management framework that focusses on security measures to mitigate the operational and security risks. The framework addressed right from the governance arrangements to identification of risks and their assessment, to data protection and detection of the risks and subsequently addressing the business continuity arrangements
• Anti-money laundering and terrorist financing policy:  Enabled the firm to deter and detect financial crime, incorporated changes to the policy, risks assessed in relation to firm’s customer base, products & services provided, distribution channels used and the geographic areas of operation. Evaluated the risk mitigation strategies and helped the client with planning and subsequently implementing the required controls.
• PSR and EBA obligations on firms from 13 January 2018:  Complimented the application submission with the document on firm’s obligations towards PSD2 regulations.

IT RISK MANAGEMENT

Design, develop and implement a best practice and globally compliant IT risk management framework.

• Background / information gathering:  Gather information via investigative questionnaires re key process, products, people, ways of working.
• Best practice gap analysis:  Assessed the current international best practices for IT risk management including COBIT, ITIL, ISO270001.
• Detailed risk assessment:  Carried out program of detailed risk assessments (interviews and workshops) across key business units / functions.
• Risk culture assessment:  Carried out assessment of risk culture to determine stakeholder knowledge levels and attitudes to risk ownership.
• Framework development:  Development of all framework components (processes, procedures & policies) .
• Framework testing:  Full testing of all framework components and processes within Insurer locally and with key 3rd party suppliers.
• Framework documentation:  Development of documentation relating to all components of the framework (policies, processes & procedures).
• Rollout planning & delivery:  Developed rollout plan for Europe and US businesses. Fully approved by Exco. Fully delivered.
• Training and awareness:  Developed and delivered formal risk management training for a range of stakeholders (CISOs, Account Managers, senior managers, board level executives & suppliers), in a number of countries.
• Stakeholder communication:  Developed consistent stakeholder communication in relation the to the rolling out of the framework.
• Successfully, developed and implemented an innovative and regulatory compliant IT Risk management framework that was classed as ‘Best of Breed’ by PWC’s external auditors.
• Rolled out framework and training internationally to all of Insurer’s main offices in each country (US, Switzerland, EU and UK).
• Established and trained a team of 8 internal staff internationally to be competent IT / Operational risk managers.
• Successfully training all key stakeholders (internally and externally, domestically and internationally).
• Identified numerous key risks, resulting in re-engineered business processes, replaced a number of suppliers, created new projects.
• Improved senior management reporting and board level communication in relation to risk.
• Implemented formal risk culture monitoring and measurement approach.
• Enhanced business / IT resilience capability.
• Significant cost savings.
• Design, develop and implement an Enterprise Risk Management (ERM) framework that is IT centric to help reduce the potential for failure of this flagship multi billion £ project.
• Develop a risk management culture that embraces risk management ‘ways of working’ in everything that is done.
• Establish effective risk management reporting to enable senior management to report effectively to government sponsors and key stakeholders.
• Risk maturity assessment:  Reviewed current risk management framework and process, via stakeholder interviews.
• Gap analysis (against best practice):  Benchmarked the current risk management framework structure and processes against industry best practice and identified areas for improvement.
• Detailed risk assessment:  Detailed risk assessment undertaken across entire business with key stakeholders. Data consolidated, and key risks and controls presented to the board and management.
• Risk culture assessment:  Carried out assessment of risk culture to determine stakeholder knowledge levels and attitudes to risk ownership. Recommendations for improvement and delivery plan for execution developed.
• Developed all framework documentation (processes, policies & training material).
• Developed and delivered formal risk management training for a range of stakeholders (Board members, senior managers, & suppliers). This included 36 senior project managers.
• Developed consistent stakeholder communication process in relation to the rolling out of the framework and ensuring that key partners and stakeholders.
• Department’s risk profile developed, refined and keys risks communicated to risk owners and management.
• As a result of identifying, evaluating and pricing risk exposures and required mitigation action actions and correct risk ownership of these with key stakeholders, a total of £85 Million of project costs were removed from the various project contracts with key suppliers.
• More confident senior management and workforce.
• More efficiently delivered projects, reduced operational costs.

Design, develop and implement a best practice enterprise Risk Management (ERM) Framework that can be sustained over the long term to protect and enhance the businesses profitability.

• Gap Analysis (against best practice):  Benchmarked the current risk management framework structure and processes against industry best practice and identified areas for improvement.
• Risk assessments:  Detailed risk assessment undertaken across entire business with key stakeholders. Data consolidated, and key risks and controls presented to the board and management.
• Risk culture assessment:  Carried out assessment of risk culture to determine stakeholder knowledge levels and attitudes to risk ownership. Recommendations for improvement and delivery plan developed.
• Developed all framework components (processes, procedures & policies), where gaps and improvement actions identified.
• Developed and delivered formal risk management training for a range of stakeholders (board members, senior managers, & suppliers). Developed consistent stakeholder communication in relation to the to the rolling out of the framework and ensuring that key partners and stakeholders, understood the need to use and complied.
• Developed comprehensive stakeholder management map / engagement plan to ensue that all stakeholders understood the benefits of risk management and risks of not doing risk management well. This extended to Trade Unions, government departments, operational partners, shipping companies, rail companies, transport companies, oil companies, and military.
• Optimised business continuity plan.
• Improved operational processes.
• Optimised Insurance program.
• More confident board and stakeholders (decision making).

ENTERPRISE RISK MANAGEMENT

• Develop, design and implement an Enterprise Risk Management (ERM) framework to assist with the successful management of the UK government’s Public Sector Agreement targets (PSAs).
• Develop risk management culture: enhance awareness of risk management requirements across the department. Encourage proactive risk ownership throughout senior management and wider organisation.
• Gap analysis & maturity review:  Carried out detailed benchmark of department’s current risk management practices against recommended best practices (COSO, ISO31000, ISO27001).
• Risk assessments:  Conducted detailed risk assessment across the core business units and functions.
• Findings consolidation:  Review findings and consolidated to produce a consistent / common set of agreed risks across the business.
• Results communication:  Communication of key risks, risk ownership and mitigation processes to key stakeholders within government.
• Designed, developed and implemented all framework components, process, policies and procedures.
• Identified and agreed appropriate mitigation actions with all risk owners.
• Defined key government and European regulatory requirements and processes to ensure compliance.
• Developed and implemented a formal risk committee with Terms of Reference to agree major risks and mitigation actions.
• Ensured that the National Audit Office (NAO) played a key role in reviewing (auditing) and approving the proposed risk management and governance processes and infrastructure.
• Ensured that risk management and governance processes were incorporated into the formal project management process.
• Developed key metrics for benefits realisation measurement – of key initiatives, major projects and high value spends.
• Development and implementation of a formal risk reporting framework and process, for Risk Management Committee.
• Department’s business objectives were more clearly defined, allowing resources and commitment required to achieve these to better understood.
• Improved understanding of the need to use risk management to drive performance and deliver results.
• More confident & engaged workforce.

Design, develop and implement a best practice enterprise Risk Management Framework (ERM) that can be sustained over the long term to protect and enhance the businesses profitability.

• Risk assessment:  Detailed risk assessment undertaken across entire business with key stakeholders. Data consolidation undertaken, and key risks and controls presented to the board and management.
• Findings consolidation:  Findings consolidated to produce a consistent / common set of agreed and prioritised risks across the business.
• Developed company’s risk profile, refined and key risks communicated to risk owners (management, partners, suppliers).
• Optimised insurance program.

Design, develop, implement and embed, a comprehensive Enterprise Risk Management (ERM) Framework.

• Information gathering:  Undertook series of investigative / consultative discussions (interviews) across the business with a range of different stakeholders– business units and functions.
• Stakeholder analysis:  To determine who most the most important stakeholders were and why (internal & external).
• Risk assessment:  Undertook detailed risk review across all group’s operations, business units and functions.
• Governance & reporting requirements:  Establish a formal risk committee with Terms of Reference (ToRs) to agree major risks and mitigation actions. Ensured that risk management and governance processes were incorporated into the formal project management process.
• Risk culture review:  Undertook risk culture review across key stakeholders, to determine level of risk understanding and attitude toward risk management.
• Developed corporate risk profile and communicated to key stakeholders.
• Design, development and implemented all risk management and BCP framework components (process, policies and procedures).
• Designed risk culture enhancement / management framework and achieved management buy-in.
• Reviewed corporate strategy and linked to key risks and business objectives.
• Reviewed the company’s physical security plan, identified gaps and outlined areas for improvement.
• More cost effective insurance program, clearly linked to key risk exposures.
• Developed and implemented a formal risk reporting framework and process, for Risk Management Committee.
• Enhanced confidence of key suppliers of company’s performance, sustainability and robustness.

Design, develop and implement / embed, a comprehensive Enterprise Risk Management (ERM), Framework.

• Background / information gathering:  Undertook a series of investigative / consultative discussions with a range of different stakeholders across the department – business units / functions.
• Stakeholder analysis:  Carried out detailed stakeholder analysis to determine who the key stakeholders were (internally & externally).
• Gap analysis & maturity review:  Carried out detailed benchmark of department’s current risk management practices against recommended best practices (COSO, ISO31000, ISO27001), and local regulatory requirements Improvement actions defined.
• Regulatory requirement assessment:  Defined key local and regional government and regulatory requirements (MAS, SFC). Recommended improvement actions to close gaps to compliance.
• Risk assessments:  Undertook detailed risk assessments (structured interviews), with all key stakeholders, key departments and functions.
• Critical process definition:  Defined (mapped and prioritised), the businesses critical business processes.
• Findings consolidation:  Findings consolidated to produce a consistent / common set of agreed risks across the business.
• Designed, developed and implemented comprehensive risk management framework (components, process, policies and procedures).
• Developed company’s risk profile, agreed all risks with defined risk owners (internally and externally).
• Identified and agreed appropriate mitigation actions with all risk and identified mitigation owners (if different).
• Key operational processes definition and optimisation (process mapping, streamlining and prioritisation).
• Identified and agreed individual process owners.
• Established a formal risk committee with Terms of Reference (ToR) to agree major risks and mitigation actions for reporting to the board.
• Development and implementation of a formal risk reporting framework and process, for Risk Management Committee (RMC).
• More confident partners and suppliers.

To develop a market proposition (based on the concepts of ERM and TCoR) with the aim of stimulating the cross-selling of existing products and new consultancy linked capabilities. Products are to be based on a client centric view of risk as opposed to insurance classes. This is needed to meet the growing demand to insure intangible risk.

Review company’s existing business to evaluate what opportunities exist to develop an Enterprise Risk Management (ERM) consultancy capability as market differentiator to enhance business development opportunities.

Conducted three Gap Analysis (Product, Competitive, Opportunity)

• Product Gap – assessed 74 insurance policy products to determine extent they were efficient at mitigating know market risks.
• Competitive Gap – Assessed a set of 10 brokers, direct insurers, general insurers for their product and service offerings/ERM capabilities.
• Opportunity Gap – Assessed market trends, reviewed results of 1&2, assessed costs vs benefit of product extension.

The proposed initial product structure (5 ERM orientated products, cyber risk, enterprise/strategic risk, reputation risk, Non-Damage Business Interruption (NDBI)),  to be used as conduit through which Enterprise Risk Management (ERM) & Total Cost of Risk (TCoR) products and services could be offered to clients, thereby creating the opportunity for product extension and to ‘bolt’ on insurance products (to transfer risk exposure to the insurance market), as required.

Enhanced: profitability, long term viability, customer relevance / trust, protection of market share.

Business Case:

Developed cost benefit positive business case to demonstrate how the use of the proposed product suit would increase profit.

The client’s executive Committee approved the development of the proposed products and their integration into the company’s business development strategy. The proposed pricing (business case) and ‘Go To’ market strategy was also agreed.

To see how we can help your organisation, please

Group Risk Consulting Ltd The Stables Chestnut Farm Cuxham, Watlington Oxfordshire OX49 5ND

• Company No: 08508970

Copyright © 2023 Group Risk Consulting. All Rights Reserved. Site Map

Privacy Statement

EY CAFTA Case Championship 2024

CAFTA has launched 7th edition of its pan-India case study competition to engage undergraduate and postgraduate students and provide them with an outlet to explore this differentiated method of learning. It is a national level finance and treasury case study competition organized for college students across India.

EY India, Partner Consulting Services

We are dedicated to delivering an outstanding learning experience to all students and young professionals. In addition to the case championship learning material, our team will provide exclusive access to the self-paced learning course 'Decoding Global Financial Markets,' an immersive course designed to demystify the intricate workings of global markets.

It must be noted that the case championship has different subjects and case questions for students. Refer to the respective sections below for details on the registration process, topics, dates, and submission process.

                                           Download Brochure      Register now

Step 1:  Choose between individual entry or team registration for two

Step 2 : Select a stream from the below list

Stream 1 - Sustainable Finance Innovators: GenAI Treasury Challenge

Stream 2 - Risk Masters Challenge

Stream 3 - Liquid Edge: Mastering Investments

Step 3 : Upon registration for one or more streams, gain access to relevant reading materials and recorded webinar sessions within 24 hours

Step 4 : You will receive the case study question via email on 27 May 2024

Step 5:  Participate in Knowledge checkpoint quiz on 8 June 2024

Step 6: Submit your response to the case study question by 16 June 2024,  including a PowerPoint presentation with the solution and a short video outlining your idea.

Step 7: The top five teams per stream will be revealed on 28 June 2024

Step 8:  Top five team will appear for 48 hours challenge and present their solution to the panel of judges.

Step 9 : Final results will be announced by 8 July 2024

Stream selection

Please refer to below details for a clearer understanding of the case championship streams.

Risk Masters Challenge

The Risk Masters Challenge stream focuses on the complex landscape of financial risk management and skills required to navigate through it. Participants in this stream will delve into the intricacies of identifying, assessing, and mitigating the various types of financial risks faced by organizations in today's dynamic business environment. Through case studies and interactive workshops, students will explore topics such as market risk, credit risk, operational risk, and liquidity risk, etc. They will learn to leverage quantitative models, risk analytics tools, and risk management frameworks to make informed decisions and safeguard the financial health and stability of businesses.

If you're intrigued by the complexities of risk management and eager to apply a blend of risk management and business strategies to solve real-life business cases, the Risk masters challenge is the perfect platform for you to showcase your skills and expertise.

Liquid Edge: Mastering Investments

Welcome to Liquid Edge, where financial prowess meets strategic thinking . Liquidity investments and cash management are fundamental aspects of financial income to Liquid Edge, where financial prowess strategy is crucial for both individuals and organizations. Liquidity investments involve allocating funds into assets, which can readily be converted to cash, ensuring financial flexibility and stability. Meanwhile, cash management encompasses the strategic handling of cash flows to optimize liquidity, minimize risks and maximize returns.

In this stream, participants dive deep into the intricate world of liquidity and investments management, where teams navigate through real-world scenarios, assessing liquidity positions, optimizing investment strategies and mitigating risk.

Join us as tomorrow’s financial leaders compete head-to-head, striving for excellence in the dynamic realm of investments and liquidity management.

Sustainable Finance Innovators: GenAI Treasury Challenge

This stream emphasizes the focus on sustainable finance innovation, the role of GenAI technologies, and the specific challenge related to treasury management. It captures the essence of the competition and invites participants to explore cutting-edge solutions at the intersection of finance, technology, and sustainability.

Join us in the Sustainable Finance Innovation Stream as we embark on a journey to reimagine the future of finance through the lens of sustainability and technological innovation.

Duration: 60 minutes

Number of questions: 30

Format: Multiple-Choice Questions (MCQs)

Note: Non-participation in the quiz will lead to disqualification. If you are participating in a team of two, it is mandatory for both the participants to appear for quiz.

Submissions

Please submit your case study response via the provided Google Form by 16 June 2024 , accompanied by a PowerPoint presentation detailing your solution and a brief video presenting your idea.

Finale Round

The ultimate 48 hours challenge

In this exhilarating 48-hour challenge, the top five teams from the college-level finance and treasury case championship will push their limits, showcase their skills, and vie for the crown of champions.

Winner (one team from each stream)

• “The ultimate Champion” trophy
• Win attractive EY gift hampers
• Two months internship with EY India*
• Get 100% scholarship on EY CAFTA Hybrid eLearning Program

1st Runner up (one team from each stream)

• One month internship with EY India*
• Attractive EY gift hampers
• 75% scholarship on EY CAFTA Hybrid eLearning Program

2nd Runner up (one team from each stream)

* The winners will secure pro-bono internships and Live projects with EY

Note - Teams holding the fourth and   fifth position from their respective streams will be eligible for 50% scholarship on EY CAFTA Scholars Hybrid eLearning Program.

All those who participate will be eligible for 20% scholarship for EY CAFTA Hybrid elearning Program.

Registration Details and Important Dates

Eligibility

Open to college students from all academic disciplines and backgrounds.

Team Formation: You can participate as a team of one or a team of two, including undergraduates and postgraduates.

Note : No individual who graduated (either UG or PG) in or before 2023, irrespective of their current working status, is eligible to participate

Evaluation criteria

Evaluation is based on overall performance in all steps

For case solution, marks will be allocated to each team on the following:

• Clarity of thought
• Content and writing style
• Depth of research
• Practical applicability and relevance of solution
• PowerPoint presentation
• Video submitted 

I have queries. Where can I have them addressed?

Hope all your queries are addressed on this webpage. Additionally,  click here  to write to the EY CAFTA team and they will address your query. 

Click here to register

Registration open

EY Trainers

Kriya Bhansali

Abhishek Anand

Nushad Irani

Direct to your inbox

Stay up to date with our Editor's picks newsletter. 

Contact us to know more

Please email us in case of any queries

Connect with us

Our locations

Legal and privacy

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.

EY | Assurance | Consulting | Strategy and Transactions | Tax

EY is a global leader in assurance, consulting, strategy and transactions, and tax services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

© 2020 EYGM Limited. All Rights Reserved.

EYG/OC/FEA no.

This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax, or other professional advice. Please refer to your advisors for specific advice.

Welcome to EY.com

In addition to cookies that are strictly necessary to operate this website, we use the following types of cookies to improve your experience and our services: Functional cookies to enhance your experience (e.g. remember settings), and  Performance cookies to measure the website's performance and improve your experience . , and Marketing/Targeting cookies , which are set by third parties with whom we execute marketing campaigns and allow us to provide you with content relevant to you.

We have detected that Do Not Track/Global Privacy Control is enabled in your browser; as a result, Marketing/Targeting cookies , which are set by third parties with whom we execute marketing campaigns and allow us to provide you with content relevant to you, are automatically disabled.

You may withdraw your consent to cookies at any time once you have entered the website through a link in the privacy policy, which you can find at the bottom of each page on the website.

Review our  cookie policy  for more information.

Customize cookies

I decline optional cookies