Jan 2012

How to evaluate enterprise risk management maturity

Increasingly, boards of directors and senior executive teams are exploring the concept of enterprise risk management (ERM) to better connect their risk oversight practices with the execution of their strategic plan. In spite of this increased focus on ERM, organisations still find it difficult to understand how ERM differs from traditional risk management, and what an effective ERM process looks like.

How the tool is organised:

  1. Risk culture
  2. Risk identification
  3. Risk assessment
  4. Articulation of risk appetite
  5. Risk response
  6. Risk reporting
  7. Integration with strategic planning
  8. Assessment of ERM effectiveness

Enterprise Risk Management is a process, effected by the entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within the risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

COSO’s Enterprise Risk Management – Integrated Framework (2004)
