ENTERPRISE RISK MANAGEMENT

Enterprise Risk Management (ERM) is a comprehensive and systematic approach to identifying, assessing, managing, monitoring, and reporting the risks that an organization encounters. The primary objective of ERM is to ensure that risks are managed within the organization’s risk capacity and risk appetite in order to achieve strategic objectives.

Key Elements Include:

• Governance and culture – establishing robust governance structures and a risk aware culture to support risk management activities.

• Defining both risk capacity and risk appetite – this is a combination of financial strength and the appetite for risk associated with specific operations and activities.

• Perform both top-down and bottom-up risk identification.

• Risk assessment – evaluation of identified risks in terms of likelihood and impact.

• Risk response – develop strategies to address risks.

• Risk monitoring and reporting – continuously monitoring and reporting risk management activities to ensure risk responses are effective and that new risks are identified and managed.

• Integrate risk with strategic objectives – align risk management activities with the organization’s strategic goals to ensure risk considerations are embedded in decision-making processes at all levels.