1 / 14

Introduction to Enterprise Risk Management

Introduction to Enterprise Risk Management. What is ERM?. Risk: an activity which creates uncertainty in business operations & affects ability to reach strategic goals and objectives. Risk-Based Approach Wheel.

triciaj
Télécharger la présentation

Introduction to Enterprise Risk Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to Enterprise Risk Management

  2. What is ERM? Risk: an activity which creates uncertainty in business operations & affects ability to reach strategic goals and objectives

  3. Risk-Based Approach Wheel • The Risk-Based Approach Wheel gives professionals a visualization of how ERM the ERM lifecycle • Enterprise Risk Management is most effective as an iterative process in which each activity builds off each the previous. • The key to navigating this complexity is engaging people across all levels and departments of the organization. • Use the Risk-Based Approach Wheel to demonstrate the order of operations Enterprise Risk Management should follow and how engagement keeps the wheel turning.

  4. Risk Culture • A successful ERM program starts with a positive risk culture. • Setting the right tone for an ERM program starts at the top with the board of directors and senior executives. • Roles and responsibilities need to be clearly defined and articulated so there is accountability at all risk levels in the organization. • The more integrated ERM is in everyone’s job descriptions the easier risk assessments will become and the more valuable they will be. Internal Audit Control and assurance of ERM actives

  5. ERM at Company • ERM is not just identifying and assessing risk, it provides real value to the business by driving actionable outcomes. • Recent studies show that implementing and growing an ERM program to a mature state can result in a 25% premium on the market value of a firm. • At Company, we hope to capitalize on this opportunity and achieve other goals specific to our organization COMPANY ADD THEIR GOALS AND OBJECTIVES

  6. The Five Steps of ERM • Identify: Determine risks and performance opportunities within the organization • Assess: Assess risks and opportunities based on the three dimensions of impact, likelihood, and assurance. • Evaluate: Analyze risk assessments against risk thresholds • Mitigation: Identify activities within the organization that control each risk • Monitor: Assess and test the effectiveness of controls

  7. Risk Identification To help process owners identify risk, there are 5 basic root-cause categories that fit all risks, each providing meaningful feedback as to what steps to take to mitigate risk. As a first step to identify risks, select the root cause category of concern. Once the category has been established, the risk owner will be able to classify the risk into a structure that translates across all departments.

  8. Risk Assessment Each risk is assessed using a standard set of criteria and three dimension – impact, likelihood, and assurance. The assessment provides an overall inherent and residual risk index for the risk identified. • Impact - Magnitude of impact due to potential risk event • No consideration given to mitigation and control activities • Likelihood - Probability of occurrence • No consideration given to mitigation and control activities • Assurance - Confidence in existing mitigation and control activities • Inherent & Residual Risk Indexes - Measure overall severity of risk with (residual) and without (inherent) effects of mitigation and control activities

  9. Risk Evaluation • Once risk assessment are completed, it’s essential to evaluate and analyze the data • This step in the ERM process results in actionable steps in order to prevent, mitigate, transfer, or accept the risk at hand • Goals of Risk Evaluation • 1. Determine critical risks across business areas • 2. Compare actual risk levels vs risk tolerance • 3. Assess how business risks affect strategic goals and objectives • 4. Set targets for mitigation activities

  10. Risk Mitigation Mitigation activities should meet the following planning scenarios: Mitigations activities are controls and procedures for handling risk. This can include policies, documents, and point-solution actions. Identifying controls allows business owners and managers to determine where policies and procedures may be undocumented or nonexistent.

  11. Risk Monitoring Risk monitoring involves tracking, recording, and evaluating risk mitigation activities. It allows an organization to measure the effectiveness of the mitigation activities in place, as well as the risk assessment and system as a whole. By collecting key metrics or conducting tests, the organization can determine areas outside their risk threshold. Effective Monitoring

  12. ERM: A Continuous Cycle

  13. Please reach out to your LogicManager Advisory Analyst with any further questions!

  14. LogicManager’s ERM software empowers businesses to uphold their reputation, anticipate what’s ahead, and improve performance through strong governance. Get in touch: www.logicmanager.com 617-520-1210 info@logicmanager.com

More Related