ERM program setup

ERM framework

ERM Framework vs. ERM Process – Understanding the Difference

In the vast arsenal of materials discussing enterprise risk management, words are thrown around that may be unclear to novice risk professionals or executives unfamiliar with ERM. While I intuitively know the difference between an ERM framework and process, the random use of these terms can lead to confusion for some. If you’ve read my…
Chief Risk Officer

Chief Risk Officer: An Increasingly Vital Role in Effective Risk Oversight

The 2019 State of Risk Oversight report from NC State recently came out with some interesting results about the current state of risk management leadership in organizations. The report breaks down results into four different industry-categories – large organizations, public companies, financial institutions, and not-for-profit. Over the last five years, nonprofits have seen the biggest…

COSO ERM Framework – Background & Overview

The COSO ERM framework is one of two widely accepted risk management standards organizations use to help manage risks in an increasingly turbulent, unpredictable business landscape. We previously discussed the background and a general overview of the other commonly used ERM framework, ISO 31000. COSO, which is short for the Committee of Sponsoring Organizations of…
ERM standard

The ISO 31000 ERM Standard – Background & Overview

Since its inception, ISO 31000 has become a widely accepted standard for enterprise risk management by private corporations, government bodies, and nonprofit organizations throughout the world. Although the ISO standard has only been around for 10 years, its origins date back to 1995 when the AS/NZS 4360 standard from Australia and New Zealand was first…

ERM Implementation: What Risk Professionals Consider the #1 Challenge To Be

I recently asked of fellow risk professionals “what is your single biggest challenge when it comes to ERM implementation?” What do you think the answers were? Maybe figuring out how to assess risks? Maybe integrating with strategy? Or aggregation of risks? Nope. Tone at the top! Yes, the executives…
ERM infrastructure

3 Key Infrastructure Elements for a Successful ERM Program

NC State’s ERM Initiative recently released their 2018 report on the State of Risk Oversight, which is very useful to see the progress (…or not) being made by organizations with enterprise risk management. One of the sections in this year’s report studies the infrastructure of an ERM program, specifically a designated leader of risk, management-level…
ERM on a budget

ERM on a Budget: It is Possible! – 7 Key Considerations

When I started my consulting firm in August 2016, I knew I wanted to help organizations perform better by using enterprise risk management (ERM) instead of just traditional risk management. After all, I know how well ERM can work when done right and how much the organization can benefit from it. But as a start-up,…

3 Ways to Mature your ERM Program and Why They’re All Bad

In a nutshell, ERM can be a powerful tool for ensuring executives are making risk-informed decisions and limited resources are being used in the most efficient manner. Unfortunately, this isn’t something you can simply wish for and it’s done. Getting an ERM program to this point requires time and LOTS of patience and diligence. There’s…

ERM and Internal Audit: The Right Relationship

There is much discussion and debate about how Internal Audit and Enterprise Risk Management (ERM) should be connected. Some say ERM can be embedded within the internal audit group. I don’t fall in this group. Internal audit standards say that internal auditors should be objective and not unduly influenced. In other words, independent. I have…