The following is a guest blog post is from RiskArticles.com.
Enterprise risk management (ERM) is an ongoing process designed to manage all risks within a firm. The Commission of Sponsoring Organizations of the Treadway Commission (COSO) defines ERM:
“Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
It is important to establish an ERM Framework because it enables a firm to gain a clear view of its overall risk level. Discussed below are the steps that need to be taken to establish an ERM Framework, the potential benefits that can be expected, and the challenges that may be faced.