Enterprise risk management (ERM) includes the strategies, methods and processes used by business organizations to manage risks.
ERM sets out a framework for risk management. Typically this involves identifying specific events or circumstances relating to the business organizations objectives (in terms of risks and opportunities), assessing them on the basis of their likelihood of occurrence & their magnitude of impact on the firm, determining a response strategy, and monitoring progress of the event, the response and the outcome. By being proactive in the identification and addressing such risks and opportunities, business organizations protect shareholder value as well as create additional value for their stakeholders, including the owners, employees, customers, regulators, and ultimately society overall.
ERM can may also be seen as a risk-based approach to managing a business, integrating the concepts of internal control, regulatory requirements (such as the Sarbanes-Oxley Act), and strategic planning.
ERM continues to evolve and aims to address the needs of various stakeholders, who want to understand the broad continuum of risks that face complex organizations to make certain they are managed appropriately. Regulators and rating agencies have also increased their scrutiny on the risk management processes of companies and firms. This increased scrutiny today makes up an important component of how the outside world views business organizations.
Organizations are experiencing an increased concern and focus on risk management. The challenge for management of both private and public organizations today is to determine how much uncertainty to accept as it strives towards achieving the organization's objectives and delivering value to its stakeholders.
The solution to this challenge is the establishment of an Enterprise Risk Management (ERM) system and processes that effectively identify, assess, and manage risk within acceptable levels.
The COSO Enterprise Risk Management - Integrated Framework is designed to provide best practice guidance for management of businesses and other entities to improve the way they are dealing with these challenges.
COSO ERM integrates various risk management concepts into a solid framework in which a common definition is established, components are identified, and key concepts described. This enables COSO to provide a starting point for organizations to assess and enhance their Enterprise Risk Management.
The course will provide participants with the necessary perception, knowledge and skill set to understand the risks and benefits of Enterprise Risk Management and learn how the COSO-ERM framework enables organisations and management to:
Comply with the requirements for corporate governance (such as the various international standards like Sarbanes-Oxley and the Cadbury Report),
Align risk appetite and strategy, Enhance risk response decisions,
Reduce operational surprises and losses,
Identify and manage multiple and cross-organisational risks,
Provide integrated responses to multiple risks
Improve the deployment of capital, Introduces the concept of unpredictability and the steps that can be taken to lessen its impact.