Enterprise Risks Management (ERM)
Risk influences and aligns strategy and performance across all departments and functions. Many companies and banks have failed, and government services have not achieved the desired objectives, due to the inability to manage risks on an ongoing basis. We enable management to create a risk awareness culture.
We provide support to clients to establish and implement Enterprise Risk Management (ERM).
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) defines ERM as follows:
Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.³
In addition to our expert knowledge of the COSO Framework, we also have expertise in the international risk management framework, ISO 31000 Risk Management.
- By considering all aspects of risk—both positive and negative—ERM increases the range of opportunities.
- Identifies and manages risk entity-wide. Every entity faces numerous risks that can affect many parts of the organization. A risk can originate in one part of the organization but impact a different part.
- Increases positive outcomes and advantage while reducing negative surprises. ERM allows entities to improve their ability to identify risks and establish appropriate responses, reducing surprises and related costs or losses while profiting from advantageous developments.
- Reduces performance variability. ERM allows organizations to anticipate the risks that would affect performance and enables them to put the actions needed to minimize disruption and maximize opportunity in place.
- Improves resource deployment. Every risk can be considered a request for resources. Obtaining robust information on risk allows management to assess overall resource needs, prioritize resource deployment, and enhance resource allocation.
- Enhances enterprise resilience. An entity’s viability depends on its ability to anticipate and respond to change, not only to survive but also to evolve and thrive.
Historical View | | Today |
Hazard Risk Management | ⇒ | Enterprise Risk Management: operational, strategic, financial, reputation and insurable risks |
Focus on preservation of tangible assets | ⇒ | Recognition of the value of tangible and intangible assets |
Silo approach: Each department / function | ⇒ | Holistic approach: Coordinated at the highest level |
Risk management = separate function | ⇒ | Risk management is a corporate-wide daily concern and is embedded in the operations |
Risks are threats: Focused on avoidance of negative events | ⇒ | Risks can be threats and opportunities |
Our team of experts has in-depth knowledge of standards, applications and tools, including:
- COSO Framework (www.coso.org)
- ISO 31000 (www.iso.org)
- Playbook: ERM for the U.S. Federal Government
- The Orange Book Management of Risk – Principles and Concepts, U.K.
- Green Book, Standards for Internal Control in the Federal Government
- Scenario Analysis
- ERM tools
- Risk Profile
- Risk Appetite
- Risk Tolerance
- Risk Models
- SWOT Analysis
- Audience Response Systems (ARS)
- Gap Analysis
³ https://www.coso.org/Documents/COSO-ERM-Executive-Summary.pdf