ERM Flashcards
Concept of value
For-profit commercial entities: value is usually shaped by strategies that balance market opportunities against the risks of pursuing those opportunities.
Not-for-profit and governmental entities: value may be shaped by delivering goods and services that balance the opportunity to serve the broader community against any associated risk.
What is ERM
Enterprise risk management: the culture, capabilities, and practices, integrated with strategy-setting and performance, that organizations rely on to manage risk in creating, preserving, and realizing value.
What is risk
Risk is defined as the possibility that events will occur and affect the achievement of strategy and business objectives.
Risk include 3 elements:
Event
Severity
Uncertainty
Benefits of ERM
Companies that effectively integrate enterprise risk management are likely to benefit in their overall ability to realize value. Benefits may include the ability to:
1. Increase the range of opportunities by considering all reasonable possibilities.
2. Increase the positive outcomes and reduce negative or unexpected outcomes.
3. Better manage entity-wide risk.
4. Reduce performance variability by better anticipating risks and minimizing their impact.
5. Improve and optimize the use of resources.
Mission, Vision, and Core Values
Mission/Objective: The core purpose of the entity (Why the company exists and what it hopes to accomplish)
Vision/Strategy: The aspirations of the entity and what it hopes to achieve over time.
Core values: An organization’s beliefs and ideals about what is good or bad, acceptable and unacceptable, and impact on the behavior of the organization.
Integration of ERM
Managing Risk Linked to Value
Risk appetite: the types and amounts of risk expressed in mission and vision, an organization is willing to accept in pursuit of value. Risk appetite is a range and must be flexible enough to adapt to changing business conditions
ERM seeks to align anticipated value creation with risk appetite and capabilities for managing risk over time.
Entity-wide risks with a portfolio view: A composite view of risk the entity faces, consider the types, severity, and interdependencies of risk and how they may affect the entity’s performance relative to its strategy and business objectives.
Components and principles of ERM
- Governance and culture
- Strategy and objective-setting
- Performance
- Review and revision
- Information, communication and reporting
governance and culture includes principles(5) of:
D Defines desired culture
O Exercises board oversight
V Demonstrates commitment to core values
E Attracts, develops, and retains capable individuals (employees)
S Establishes operating structure
Strategy and Objective-Setting includes principles (4) of
S Evaluates alternative strategies
O Formulates business objectives
A Analyzes business context
R Defines risk appetite
Performance includes principles (5) of:
V Develops portfolio view
A Assesses severity of risk
P Prioritizes risk
I Identifies risks (events)
R Implements risk responses
Review and revision includes principles (3) of:
S Assesses substantial change
I Pursues improvement in enterprise risk management
R Reviews risk and performance
Information, communication and reporting includes principles (3) of
T Leverages information and technology
I Communicates risk information
P Reports on risk, culture, and performance
the board of directors should
Be independent of management
Primary responsibility (fiduciary responsibility) for risk oversight
To understand the potential organizational biases in decision-making and challenge management to overcome them.
Business objective
(SMARt)
Specific
Measurable or observable
Attainable
Relevant
Authority delegated to________ to design and implement practices that support the achievement of strategy and business objectives.
management
