Skip to main content
Poole College of Management
Enterprise Risk Management Initiative

Filtered Results

Jan 1, 2010

Adding Value, Not Bureaucracy: Linking Governance, Enterprise Risk Management and Internal Controls

Explore the relationship between ERM, corporate governance, and internal controls. This article discusses how ERM enhances governance by integrating strategic risk management into corporate oversight.

Aug 1, 2009

A New Landscape for Risk Management and Oversight

Ernst & Young's research highlights the shift towards a holistic view of risk management, emphasizing dynamic risk assessments and the critical role of boards and audit committees in risk oversight. Explore essential questions for evaluating risk management processes and aligning them with company strategy.

Jun 1, 2009

Internal Audit’s Role in Managing Reputation Risk

Reputational risks and corporate missteps are having more significant impacts on bottom lines and stakeholder perceptions of companies than ever before. Therefore, companies are recognizing the importance of reputational risk and placing a greater emphasis on reputational risk management. Internal audit departments can play a significant role in helping companies manage reputational risks through their advisory and monitoring efforts.

May 1, 2009

Seven Question Guide to Assessing Your Enterprise Risk Management Practices

Risk professionals should consider seven questions in evaluating risk management tools, improving risk management practices, and assessing the state of ERM in an organization. Professionals should ask these seven questions: (1) if the risk management process really assesses risk; (2) if the risk assessment is context-driven; (3) if the risk management process address root causes of failure; (4) what business performance says about risk; (5) what the organization's risks say about its controls; (6) what the organization's controls say about its risks; and (7) if the professionals and their organizations are up for the task of risk management.

Mar 1, 2009

Ten Practical Lessons for Risk Management

Recent events have uncovered significant deficiencies in the way risks are managed at financial institutions and many other companies. Research into these deficiencies shows ten practical lessons companies can apply to address current weaknesses and strengthen risk management systems. By wielding appropriate authority, gaining support from senior management, and thoroughly examining the models and incentive systems used, risk managers can greatly improve companies' risk management systems.

Feb 1, 2009

Internal Auditors Partnership with Management

Internal auditors in the past have been used to examine how well management is performing and how well the company is operating. Now there is a need for internal auditors to work in conjunction with management to oversee risks. CHAN Healthcare Auditors realized this change in internal audit and has developed an audit process and tool that allows for a more effective approach to risk management. Even though the approach is mainly geared towards the healthcare industry, it can be used in numerous industries to determine companywide and departmental vulnerabilities.

Jan 1, 2009

Limitations of Traditional Risk Models in Forecasting Risk

The current economic crisis has upset many common assumptions about the global financial system and shaken investor confidence. While there are unique aspects to this crisis, it is important to understand that severe economic crises in general are not rare events. Traditional methods of modeling risk often fail to reflect the frequency of declines and when these declines will occur. It is important for investors to rely on more than the output from traditional risk models in assessing the potential risk associated with investments.

Nov 1, 2006

RIMS ERM Maturity Model

The Risk and Insurance Management Society (RIMS) has recently introduced its Risk Maturity Model (RMM) to help organizations better utilize Enterprise Risk Management. The RIMS Risk Maturity Model can be used by chief risk officers and other risk practitioners as a resource to aide in planning, implementing, and benchmarking Enterprise Risk Management practices within their organizations.

Sep 1, 2005

Best Practices for Structuring ERM Within the Organization

In order for the risk management division to function properly, it is essential to structure it properly within the firm. The risk management division should be placed in high stature within the firm and should report directly to the CEO. Risk managers should have a deep understanding of the company's business in order to effectively communicate with risk takers in the firm. Structuring the risk management division properly will ensure a more holistic view of risk within the organization.

Oct 1, 2004

The Orange Book: Management of Risk – Principles and Concepts

The original Orange Book was published by the British government in 2001 to promote more robust risk management practices in government sectors. Since 2001, organizations have begun to now have basic risk management processes in place. The risk management challenge is no longer in the initial identification and analysis of risk and the development of the risk management process. Rather, the challenge today is in the ongoing review and improvement of risk management. Thus, the British government issued this 2004 revision of The Orange Book to include more advanced guidance, such as the importance of “horizon scanning” (a systematic activity designed to identify indicators of changes in risk). This document also examines how the organization’s risk management activities relate to the wider environment in which it functions.