3. The Time Has Come for ERM
Less than a decade ago, Enterprise Risk Management (ERM) was not a major focus for most organizations. Today, it is quickly ascending to the top of the agendas of senior executives and shareholders alike as corporate scandals and globalization challenge the status quo and regulators publish new or updated requirements.
Enterprise Risk Management is a structured approach to aligning strategy, processes, people, technology, and knowledge to identify and manage uncertainties and risk. Providing a comprehensive, integrated framework that enables organizations to proactively manage business risk, ERM aids in the achievement of balance between business needs and risk thresholds to increase competitive advantage and shareholder value. ERM definitions tend to vary from source to source, but all contain common themes: a standard risk management process, an integrated view of risks, and a focus on relating risks to business objectives.
One would think that recent corporate scandals and fraud as well as provisions set by the Sarbanes-Oxley Act would have spurred companies to assess and improve the management and mitigation of enterprise-wide risks. Despite the plethora of internal and/or external events that could expose an organization to serious risks, companies focus much more on measuring and monitoring financial performance than on proactively measuring, analyzing, and responding to and mitigating risks—threats that could negatively impact financial performance. ...
Get Sarbanes-Oxley Ongoing Compliance Guide: Key Processes and Summary Checklists now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
