“Risks are becoming more imminent,” the World Economic Forum warned in its Global Risk Report 2016. Existential threats confronting companies today are multiplying – think of new competitors, regulatory complexity, supply chain fragility and cyber-threats, to name just a few.
Risks threaten entire enterprises, not just specific business units, programs or processes. So organizations need to establish Enterprise Risk Management (ERM) program. ERM helps organizations manage risks from strategy setting to organizational culture to execution. It provides tools, templates and communications that can be applied consistently across the whole enterprise. It enables a portfolio view of all risks and the way how they interconnect.
We served as the principal authors of the COSO ERM Integrated Framework in 2004, which became the leading framework for delivering ERM. And we’re leading the development of COSO’s revision in 2016: ERM Enterprise Risk Management – Aligning Risk with Strategy and Performance.