Enterprise Risk Management.edited
School
University of Nairobi
Course
1085
Subject
Information Systems
Date
Nov 24, 2024
Type
docx
Pages
7
Uploaded by AdmiralSardineMaster445
Enterprise Risk Management
Your name
Institutional affiliation
Course Date
An Effective Enterprise Risk Management Program
Summary
The COSO framework defines the essential components of enterprise risk management (ERM), its key principles and concepts, and a common ERM language, and it provides precise guidelines and directions for enterprise risk management. COSO ERM is one of two accepted risk management standards that are essential at the organizational level. This framework plays a significant role in risk management in a perilous and volatile business landscape. COSO's mission involves the study of financial reporting and the development of recommendations to curb fraudulent acts. The preliminary standards emphasize the role of auditing as a driving force in relation to enterprise risk management. COSO's original ERM standards comprise three major categories: strategic, operations, reporting, and compliance (PricewaterhouseCoopers, 2004). ERM standards are always aligned with a developed adaptation of internal control principles that goes beyond monetary statements to comprehensively incorporate reports from all sections of the enterprise. The original COSO ERM framework was exclusively constructed on internal control (Benjamin, 2017). The components of COSO's new framework include culture and governance (internal environment), objective setting and strategy, performance, revision and review, and communication, information, and reporting/monitoring.
Approach to Implementing an Effective ERM Program
Efficient ERM software should guarantee relevant information for both end users and management. The information provided should help users and the administration understand the forms of risk that exist, make data-driven decisions, and lessen the negative implications of risks if they occur. In addition, such applications should enable risk owners to actively participate in the submission of risk evaluations and in data and information sharing across the organization. The ERM software also has to be aligned with the conventional international risk management principles and frameworks, which include Basel, ISO 31000, and the COSO ERM standards. Risk management is imperative to successful leadership in contemporary business. Therefore, it is important that organizational leaders develop ERM procedures to enhance risk management skills. For an ERM program to be considered effective, it has to cut across risk identification as well as the risk management spectrum that an organization is likely to encounter.
This is why resolving to proactively control the risks that an organization may face is considered the first step of implementing ERM. The second step entails clarification of organizational risk values (Hopkin, 2017). After this step, the organization must develop a strategy, given that several risks are tied to actions and events that are likely to limit the organization's potential to achieve established goals. Effective ERM depends on an understanding of the goals and strategies of the organization. Therefore, it is important that the organization comprehensively consider all risk factors and examine potential occurrences that are likely to negatively affect its achievement of goals.
Issues and Organizational Impacts Associated with Ineffective Implementation of ERM
The implementation of the ERM framework can be technical for most organizations. It involves a combination of several factors, including organizational consensus, involvement of executive management, and appreciation of
sensitivities resulting from the introduction of different programs (organizational resistance). One of the main challenges of implementing ERM is value assessment; several organizations often find it difficult to justify the expenses incurred and the program's significance (Lam, 2017). The other significant challenge originates from the enumeration of the risks involved. Risk information is becoming more event-based and value-based, which is likely to raise concerns as a result of the distribution of risks to external regulators. Every organization should ensure that legal exposure and risk visibility are balanced. Risk definition is another significant challenge. It is difficult for organizations to establish consistency in the application of risk nomenclature. Inconsistencies in the definition of risks and in methodologies may complicate the successful implementation of the program.
Methods for Establishing Key Risk Indicators (KRIs)
Some of the most effective methods for establishing Key Risk Indicators (KRIs) require organizations to comprehensively assess every form of risk to which the organization is exposed. Thereafter, organizations must comprehensively document all the risks and their implications for the organization, and establish the significance and likelihood of each risk occurring. It is therefore important to ensure that performance is closely observed through KRIs (Hopkin, 2017). It is essential that the enterprise align its strategies toward leveraging technology to assist the implementation process. It is also important to review the KRIs regularly or periodically, especially after changes to or evaluation of strategies.
Linking the KRIs with the Organization's Strategic Initiatives
Identification of the strategic initiatives that play a significant role in the achievement of organizational goals is the first and essential step. This step is followed by mapping the identified threats that are at the center of the strategic initiatives. Implementing these steps gives the organization an opportunity to develop essential metrics related to key risk indicators; it also helps in overseeing the implementation of key strategic initiatives.
It is clear that the major challenge associated with implementing ERM is the assessment of value, which is characterized by the organization's difficulty in justifying the expenses or demonstrating that the value delivered is sufficient in relation to the organization's established costs. The Enterprise Risk Standards are associated with a developed adoption of internal control principles. They should go beyond the assessment of monetary statements to incorporate reports from all sections of the organization.
References
Benjamin, A. S. (2017). Enterprise risk and opportunity management: Concepts and step-by-step examples for pioneering scientific and technical organizations. John Wiley & Sons.
Hopkin, P. (2018). Fundamentals of risk management: Understanding, evaluating, and implementing effective risk management. Kogan Page Publishers.
Lam, J. (2017). Implementing enterprise risk management: From methods to applications. John Wiley & Sons.
PricewaterhouseCoopers, L. L. P., & Committee of Sponsoring Organizations of the Treadway Commission. (2004). Enterprise Risk Management: Integrated Framework: Executive Summary, Framework, September 2004.