Due to technological advances, internet usage and a multitude of other changing aspects in the business environment, companies more than ever need to update their method of handling numerous risks. The report, authored by William G. Shenkir and Paul L. Walker, looks at the enterprise risk management (ERM) model that was put in place by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) in the third quarter of 2004. This new approach to managing risks provides a framework for companies to drastically improve the execution of budgeting, planning and the Balanced Scorecard (BSC).
COSO considers risk management everyone’s responsibility. Typically risks are grouped within the following areas—strategic, operational, financial, and hazard. When stakeholder value is sacrificed, it’s normally a result of not identifying or poorly managing one of the risk categories mentioned above.
The internal environment of a business essentially sets the stage for ERM. Many of the decisions made regarding the amount of acceptable risk are determined by executive management and the board of directors. Also, the ethical principles of the company are a factor in risk acceptance and usually mirror the values of top management.
Understanding objectives at every level in a business is crucial. ERM emphasizes this importance and helps companies relay objectives for all day-to-day tasks so individuals can relate no matter what position they hold. Risk identification and assessment are an essential part of the ERM framework. Being able to identify risks with a number of methods is important and all employees should be involved. The assessment can be an empirical validation or a consensus judgment may be used to prepare risk maps. The actions for the identified risks are determined and will vary depending on an organization’s tolerance for risks.
To manage the response to risks, control activities are used in the ERM process. Also, communication is essential with risk management to ensure support by executive directors and the board of directors. In order to keep the process in check, businesses implement monitoring that may ultimately provide a link to increased profit margins.