Skip to main content

Practice Aid: Enterprise Risk Management: Guidance For Practical Implementation and Assessment, 2018

E-Book

$71.99

Practice Aid: Enterprise Risk Management: Guidance For Practical Implementation and Assessment, 2018

AICPA

ISBN: 978-1-948-30637-9 November 2018 64 Pages

E-Book
$71.99
Paperback
$89.00
O-Book
Download Product Flyer

Download Product Flyer

Download Product Flyer is to download PDF in new tab. This is a dummy description. Download Product Flyer is to download PDF in new tab. This is a dummy description. Download Product Flyer is to download PDF in new tab. This is a dummy description. Download Product Flyer is to download PDF in new tab. This is a dummy description.

Description

This publication includes invaluable guidance for anyone responsible for or advising on an enterprise risk management process (ERM), whether the process is in its early stages or is already well established. This resource will help ensure the ERM process is well designed, well executed, and ultimately successful. Global, economic, and regulatory conditions as well as everyday internal risks can affect business operations, so it is important to have a process in place that identifies these events and manages risks. This guide leverages the concepts of existing frameworks as a foundation for providing illustrative examples, best practices, and guidance for implementing or assessing an enterprise risk management process.

1 Overview of the Enterprise Risk Management Publication 1

I. Introduction 1

II. Who Should Use This Publication 2

III. Conceptual Basis for This Publication 2

2 ERM Benefits, Concepts, and Components 3

I. Benefits of a Successful ERM Program 3

II. ERM Concepts 4

Definition of ERM 4

Risks and Opportunities 4

Risk in Strategy and Objective-Setting 4

The Importance of Taking an Enterprise or Portfolio View of Risk 5

Risk Appetite, Risk Tolerance, and Risk Profile 5

Risk Inventory 6

Emerging Risks 6

Integration and Embeddedness 6

III. Components of an ERM Program 6

1.0 Governance and Culture 7

2.0 Strategy and Objective Setting 8

3.0 Performance 9

4.0 Review and Revision 13

5.0 Information, Communication, and Reporting 13

3 ERM Roles and Responsibilities 15

I. Organization Roles 15

Board or Equivalent Roles 15

Organization Management 16

Internal Auditors 16

II. The Role of External Parties in the ERM Process 17

4 ERMProgramDevelopment 19

I. Mobilize 19

Establishing Appropriate Sponsorship and Resourcing 20

ERM Sponsorship 20

Commitment of Resources 20

Establishing Roles and Responsibilities 21

Program Governance 21

Planning and Launch for an Initial Program Development Phase 21

Timeline 21

II. Current State Analysis 22

Current State Considerations 22

Creating an Initial Inventory of Activities and Outcomes and Gather Documentation 23

Timeline 24

III. Future State Operating Model Design 24

Peer and Industry Analysis 24

Developing a Target ERM Operating Model and Framework 25

Developing the ERM Risk Appetite and Risk Tolerances 25

Linking Current ERM Activities to the ERM Program Plan 27

Documenting ERM Policies 27

ERM Program Scalability and Related Considerations 27

ERM Program Technology Considerations 27

Timeline 28

IV. Gap Analysis 28

Preliminary Observations 28

Recommendations 29

Timeline 29

V. Implementation and Reporting 29

Developing Implementation Roadmap and Project Plan 30

Designing Program Performance Measures and Reporting 30

Communication and Training 30

Changes to the Implementation Plan 30

Timeline 31

5 ERM Program Evaluation and Continuous Improvement. 33

I. ERM Program Evaluation 33

Approach to an ERM Program Evaluation 33

II. Continuous Improvement 34

Approach to Continuous Improvement 34

Commitment to Continuous Improvement 36

Glossary of Terms 37

Appendix A—COSO and ISO 31000 Framework Mapping 39

Appendix B—Example ERM Program Maturity Self-Assessment 45

Appendix C —References 51