Enterprise Risk Management



What is ERM

Enterprise risk management (ERM) is an integrated approach for the organizations to manage risks and seize opportunities related to the achievement of their objectives. It provides a framework for risk management, which typically involves identifying particular events or circumstances relevant to the organization’s objectives (threats and opportunities), assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring process. By identifying and proactively addressing risks and opportunities, business enterprises protect and create value for their stakeholders, including owners, employees, customers, regulators, and other stakeholders.

ERM Process

Following is a summarized view of phases to be performed during ERM implementation within organization:

  • Executive Management Support:
  • Establishment of Risk Management function
  • Analysis of existing state and gaps
  • Development of risk registers
  • Training of staff


Benefits of implementing ERM

MSI ensures the organizations to deliver following benefits, if appropriately supported by the executive management:

  • Increasing the range of business opportunities
  • Identifying and managing entity-wide risk before they occur
  • Increasing positive outcomes and advantage while reducing negative surprises
  • Consistency in performance
  • Improving resource deployment
  • Enhancing enterprise resilience

These benefits highlight the fact that risk should not be viewed solely as a potential constraint or challenge to setting and carrying out a strategy. Rather, the change that underlies risk and the organizational responses to risk give rise to strategic opportunities and key differentiating capabilities.