There will be ongoing maintenance on MyCIMA from June 24 Thursday, 22:00 (BST) till June 25 Friday, 3:00 (BST). Users can still access MyCIMA to schedule or start an Exam but other MyCIMA services will not be available. Users will not be able access Study Planner, CGMA Store,, and Competency and Learning. In the meantime, we apologize for any inconvenience caused.  

Jan 2012

How to evaluate enterprise risk management maturity

Increasingly, boards of directors and senior executive teams are exploring the concept of enterprise risk management (ERM) to better connect their risk oversight practices with the execution of their strategic plan. In spite of this increased focus on ERM, organisations still find it difficult to understand how ERM differs from traditional risk management, and what an effective ERM process looks like.

How the tool is organised:

  1. Risk culture
  2. Risk identification
  3. Risk assessment
  4. Articulation of risk appetite
  5. Risk response
  6. Risk reporting
  7. Integration with strategic planning
  8. Assessment of ERM effectiveness

Find out more

Enterprise Risk Management is a process, effected by the entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within the risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

COSO’s Enterprise Risk Management – Integrated Framework (2004)

CGMA Resources

Browse the full range of Thought Leadership resources here.

Find out more