Enterprise Risk Management: A Holistic Approach to Managing Risk
Enterprise Risk Management (ERM) is an emerging model at companies and organizations where the management of risks is integrated and coordinated across the organization as a whole. ERM takes a holistic approach to risk management –moving from a fragmented methodology to integrated and broadly focused. ERM expands the process to include not just risks associated with unintended losses, but also financial, strategic, operational, and other risks.
ERM – The Role of Leadership
For forward-thinking risk managers and leaders, the days of identifying and dealing with only a portion of the risks facing organizations today are over. The need to anticipate, prevent and mitigate risk throughout the entire enterprise is critical. Traditional risk management is generally comfortable dealing with property, liability, and heath & safety risks, often in isolation. Yet, while important, these risks are often just the tip of the iceberg.
ERM helps us think of risk strategically and when used effectively, it forms a connection between organizational objectives and organizational performance. ERM:
• Serves a strategic purpose (it is more than an audit/assessment)
• Focuses on managing risks in an “holistic” (integrated) manner
• Is best when it’s part of the normal business process.
A clearly expressed ERM strategy, including defined objectives and risk appetite, will drive the design of the entire program. Properly adopted by leadership, the strategy will also affect how ERM is understood by the organization and whether all employees will support the initiative.
Steve Thompson is President of Aspen Risk Management Group. Contact Steve at: 619-294-9863, or via
the Web at: www.aspenrmg.com