Enterprise Risk Management
Published: 22-Mar- 2013 | Product Category: Risk Consulting
| Comments: 0
Enterprise risk management (ERM) is a structured,
consistent, and continuous risk management process
applied across an entire organization that allows
companies to better understand and address material
risks. Corporate boards, ratings agencies, and regulatory
bodies are among the key drivers for advancing ERM.
The implementation of ERM can facilitate better capital
resource allocation decisions, increase operational
efficiency, and enhance a company’s risk control efforts
to support critical strategic, compliance, and governance
initiatives. Marsh Risk Consulting (MRC) can help your
organization apply an integrated approach to identifying
and assessing business-critical risks, evaluating
existing risk management infrastructure elements, and
constructing continuous, in-depth ERM processes.
MRC’s ERM specialists analyze risk from
an integrated perspective, exploring risk
relationships within your organization
to create a more sophisticated
understanding of your company’s
material risks. Whether your company is
just beginning the ERM journey or has an
established framework in place, MRC can
assist you in your ERM efforts.
Who It's For
Any publicly traded or privately held
- In a highly regulated industry.
- Seeking to better understand and
mitigate the risks it faces across
the entire organization.
- Wanting to benchmark and
improve existing risk management
- Looking to coordinate and
formalize its risk management
efforts across the enterprise.
What You Get
- A proven process to help you
identify and assess material
risks, develop specific mitigation
strategies, and assess enterprise-wide
technology platforms for
ongoing monitoring and reporting.
- The ability to create a holistic,
enterprise-wide risk aware culture,
drawing upon MRC’s expertise
in industry issues, risk analysis,
analytics, organizational change,
and risk technology.
Identification, Assessment, Analysis, and Prioritization
Current State/Gap Analysis
When considering the steps necessary
to implement an ERM framework, it is
useful to first identify and compare your
organization’s existing capabilities relative
to what capabilities management would
like to have in place. MRC provides a
current state assessment, as well as a
gap analysis against best practice and a
Risk Identification and Assessment
Risk identification and assessment is a
critical framework component. We take a
structured approach to assess risks specific
to your organization. This includes the
collection, identification, categorization,
prioritization, and mapping of risks to
align with your organization’s business
objectives and strategy. The result is a
strategic organizational risk map.
Risk analysis enables you to better
understand the impact risk has on your
organization and your business objectives.
MRC takes a disciplined approach to
understanding your risk appetite and developing tolerance thresholds; modeling
risks and their variance; providing an
analysis of the projected impact of mitigation
strategies; assisting you in determining
optimal capital allocation; and considering
the upside of risk to your business.
A systematic ERM approach calls for
the analysis of possible actions taken
with respect to each risk—accepting it,
managing it, or exploiting it. Moreover,
these options typically necessitate an
implementation plan. MRC offers an
evaluation of risk treatment options
including the projected costs and benefits;
identification of risk ownership; the
recommendation of tailored solutions
appropriate to your business and
objectives; and the implementation of risk
Managing risk across the enterprise
requires coordination. The information
produced by the various businesses and
risk management functions in the risk
assessment and analysis phases must be
disseminated so that the right people are
given the right information at the right time
to make informed business decisions. MRC
can help you determine the appropriate
needs of your business, its management,
and key constituents, and assists in the
design of meaningful communication
processes and materials.
Our comprehensive approach addresses
the needs of board members, senior
managers, risk managers, and other
internal and external stakeholders.
In an effort to sustain risk monitoring and
to make risk reporting more efficient, many
organizations are turning to technology to
support their ERM framework. MRC works
with you to establish principal business
requirements; recommends technology
solutions; assists you in the development and
implementation of a technology infrastructure;
and evaluates various software applications.
Framework Design, Implementation, and Reporting
Instilling a risk-based culture is crucial to
realizing the on-going benefits from ERM.
MRC works with you to enhance existing
processes or create new ones. Activities can
include building communication protocols
based on a “common language” for discussing
risk; enhancing risk governance frameworks;
and integrating risk management activity
into your control and compliance framework,
strategic planning, and business processes.
As a follow-up to these activities, we provide
you with an implementation roadmap to assist
with organizational change.
Rate this Article
Leave a Comment