Enterprise Risk Management

Risk is where it all begins. Events may have a positive or negative effect on a company and its strategy. If the events can be foreseen, the company has the opportunity to reduce any negative impacts and in turn reduce risk, or it can amplify the success of a positive event, which would in turn present opportunities (COSO, 2004). Risk can be defined as the probability of a known loss. ERM deals with risks and opportunities affecting value creation or preservation. Enterprise risk management, as defined by COSO, is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity
References:

AON. (2007, April 21). Enterprise Risk Management. AON. Retrieved March 2, 2009, from www.aon.com/risk_management/erm/default.jsp

Chapman, R. J. (2006). Simple Tools and Techniques for Enterprise Risk Management. Wiley & Sons.

COSO. (2004, September). Enterprise Risk Management — Integrated Framework: Executive Summary. Retrieved March 2, 2009, from http://www.coso.org/Publications/ERM/COSO_ERM_ExecutiveSummary.pdf

Duncan, L. (2005). Managing Business Risk. Axena: Chartered Institute of Public Finance and Accountancy. Retrieved March 2, 2009, from http://www.cipfa.org.uk/regions/se/download/Managing%20Business%20Risk.pdf

Gelinas, U. J., Sutton, S. G., & Hunton, J. E. (2005). Accounting Information Systems (6th ed.). Thomson.

Reding, K. F., Sobel, P. J., Anderson, U. L., Head, M. J., Ramamoorti, S., & Salamasick, M. (2007). Internal Auditing: Assurance and Consulting Services. The IIA Research Foundation.