Enterprise Risk Management
Increasingly, boards of directors and senior executive teams are exploring the concept of enterprise risk management (ERM) to better connect their risk oversight practices with the execution of their strategic plan. Major economic changes and the impact of significant natural disasters are placing even more emphasis on the importance of robust and strategic risk management practices in organizations of all types and sizes. The need for ERM is continually increasing as organizations become more complex, expand, and are required to comply with multiple regulatory initiatives.
PM&A's ERM methodology is designed to identify potential events that affect the organization and to manage the associated risks. It provides a structured, consistent, and continuous process for use across the entire organization.
Strategies are developed within eight risk categories, consistent with the COSO Framework, including: risk culture, risk identification, risk assessment, articulation of risk appetite, risk response, risk reporting, integration with strategic planning and assessment of ERM effectiveness. Through the process organizations identify, assess, develop risk responses, and report on threats that affect the organization. We believe the eight categories of focus are appropriate and critical to any set of ERM processes.
Our goal is to help organizations recognize critical elements of an ERM program that increase its usefulness by strengthening the oversight by management and the board of directors of the most significant risks likely to impact the strategic success of any organization and provide the basis for a set of actionable initiatives to be implemented by the organization.