What is Enterprise risk management (ERM) and what are the elements of Enterprise risk management?
Enterprise risk management (ERM) is the techniques and processes that are employed by an organization to identify and manage entire business risks. ERM enables organizations to take a formal approach to risk analysis, which begins with identifying risks, continues with evaluating and determining the severity of each risk, and then results in adopting one or more risk management strategies and risk management frameworks (RMF) to address each organizational risk. As organizations aspire to adopt a systematic approach to ERM, they should work to integrate risk management endeavors into business and information technology (IT) processes and functions. Furthermore, organizations should treat risk management efforts as an integral component of their day-to-day activities and practices.
Key elements of Enterprise Risk Management process include the following:
- Strategy/Objective setting
- Risk identification
- Risk Assessment
- Risk Evaluation
- Risk treatment/response
- Risk communication and monitoring