Enterprise-Wide Risk Management
Enterprise-wide risk management (ERM) is a process of coordinated risk management that places greater emphasis on co-operation among departments to manage an organisation's range of risks as a whole. ERM offers a framework to effectively manage uncertainty, respond to risk and exploit opportunities as they arise. The framework comprises of policies, processes, tools, reports and ideal governance structure. The ERM framework encompasses the following elements:
Diagnostic Review
Involves diagnostic review of risk management-related processes of the organisation, which forms the basis for overall ERM implementation. The study includes review of:
- Risk management structure
- Underlying policies and procedures for overall risk
- Capital management
Risk Identification
A library of processes and sub-processes is defined and risk underlying each is identified. Loss data capture processes are reviewed and defined. The template for capturing loss events is also defined.
Risk Assessment & Measurement
Risks are assessed based on templates specifically designed according to nature of risk. In case of risks that can be quantified, the measurement models are defined. Additionally, the loss data captured is analysed to assess likely impact on an organisation's capital.
Risk Control & Mitigation
Underlying controls vis-a-vis the risks are identified and assessed for effectiveness and comprehensiveness. A corrective action plan is defined, as also a limit management framework to mitigate impact of risks.
Risk Monitoring & Reporting
Risk management monitoring and reporting templates are defined. Related reporting frequency and workflow is also defined.
Risk Based Decision Making
To ensure that risk management is embedded into strategic decision-making, a framework for risk-based pricing and a risk-based portfolio strategy is designed.