Enterprise risk management (ERM) is characterised by a
1. Narrow focus of hazard risks
2. Comprehensive, inclusive and proactive approach to risk management
3. Functional approach to risk management responsibilities
...
Enterprise risk management (ERM) is characterised by a
1. Narrow focus of hazard risks
2. Comprehensive, inclusive and proactive approach to risk management
3. Functional approach to risk management responsibilities
4. Lack of consistency in terms of level of detail and reporting formats
The purpose of an ERM policy is to
1. Assist an organisation integrating risk management into its management processes
2. Communicate externally that risk management is being practiced
3. Satisfy internal and external audit requirements
4. Set out how the risks will be managed and controlled
A risk management policy sets out how the risk, which have been identified by the risk assessment procedure, will be managed and controlled.The risk management policy assigns responsibility for performing key tasks, establishes accountability with the appropriate managers, defines boundaries and limits and formalises reporting structures. The policy should address specific responsibilities of the board, internal audit, external audit, the risk committee, the corporate governance committee, the central risk function, employees and third party contractors in implementing risk management. A policy statement defines a general commitment, direction or intention. A policy on risk management expresses an organisation’s commitment to risk management and clarifies its general direction or intention.
What do boards fundamentally seeks from an ERM system?
1. The avoidance of unpleasant surprises and losses
2. Integration of risk management, audit and governance
3. Robust procedures
4. Competent risk management teams
[Show More]