Enterprise risk management

Here’s what to know about ERM.

• How is ERM a tool in a company’s strategy toolbox? Many businesses have realized over time and experience that waiting for a risk event to happen isn’t good enough. The “E” in ERM stresses a top-down approach to managing risk, according to North Carolina State University’s ERM Initiative. Those who follow ERM understand risks as potential significant impediments to reaching strategic objectives.
• How can ERM help you understand risk? According to the Committee of Sponsoring Organizations of the Treadway Commission (COSO), business leaders who understand and communicate risk appetite (the level of risk a company can stomach while working toward their strategic goals) can “help their organizations succeed.” Risk-taking “can generate revenue, encourage innovation, [and] could allow you to enter into new markets,” Josh Salter, a spokesperson at the Risk Management Society (RIMS), told CFO Brew.
• Is enterprise risk management a professionalized discipline? Risk management—and ERM, specifically—has standards and frameworks for practitioners. The ISO 31000 is an international standard that serves as a foundation for building a risk management program. Similarly, COSO’s) ERM framework provides guidelines for managing enterprise risk. RIMS also offers an accredited certified risk management professional (CRMP) credential for practitioners to demonstrate their expertise in the field.