What is enterprise risk management?

Enterprise risk management (ERM) is a strategic business discipline. It considers all possible risks to an organisation and outlines options if one of these risks comes to fuition. It also manages the combined impact of those risks to help the organisation achieve its objectives and get a competitive edge.

Where have you heard about enterprise risk management?

More and more organisations have adopted enterprise risk management strategies in recent years and you may have seen information about companies' ERM strategies included in their annual reports.

What you need to know about enterprise risk management.

ERM looks at an organisation's exposure to quantitative and qualitative risk across all areas, including financial, operational, reporting, compliance, governance, strategic and reputational. It prioritises and manages all exposures in an interrelated risk portfolio considering both causes and effects in internal and external environments, systems, circumstances, and stakeholders. Both individual risks and their combined exposure are recognised.

For exampe: the Environmental Protection Agency (EPA) requires facilities that deal with extremely hazardous substances to develop risk management plans to address what they are doing to mitigate danger and what they will do if an accident occurs.