Skip to main content
Poole College of Management
Enterprise Risk Management Initiative

Briefs and Insights

Dec 1, 2003

Impact of IT Risks on ERM

Many technological risks face modern organizations of all types and have become necessary considerations for general auditors. These risks can be placed into the five categories of access control, network security, data integrity, asset management, and software acquisition and development, all of which are necessary to consider even in businesses that function outside of technological markets. Framework should provide flexibility for change as technology changes yet mitigate risk through necessary restrictions.

May 1, 2003

Casualty Actuarial Society’s Overview of Enterprise Risk Management

"This document is intended primarily to further the risk management education of candidates for membership in the Casualty Actuarial Society (CAS). Current members of the CAS as well as other risk management professional should also find this material of interest."

Apr 1, 2003

ERM Infrastructure and Risk Intelligent Systems

Enterprise risk management (ERM) is the key to resolving some of the demands for more corporate transparency from investors. ERM is a process that changes how an organization identifies risks and manages those risks continuously. It helps to develop the steps and allocate resources to mitigate the organization's risks and provides reasonable assurance about the organization's ability to achieve its objectives.

Oct 1, 2000

Business Risk Management in Government

While risk management is well-established in the private sector, no generic risk management approaches are available for government entities. Due to potential pitfalls that exist in government practices, it is not feasible to simply apply private-sector risk management guidance directly to the public sector. Government risk management should focus on systemic risk in order to prevent the blame-shifting that is often present in the government sector.