Enterprise Risk Management and the Risk Management Process

Author(s):  
Greg Niehaus
2021 ◽  
Vol ahead-of-print (ahead-of-print) ◽  
Author(s):  
Felicitas Hoppe ◽  
Nadine Gatzert ◽  
Petra Gruner

Purpose This article aims to gain insights on the current state of small- and medium-sized enterprises’ (SMEs’) cyber risk management process and to derive future research directions. Design/methodology/approach This is done by collecting market insights from 37 recent industry surveys and structuring them based on the steps of the risk management process. From this analysis, major challenges are derived and future fields of research identified. Findings The results indicate that deficiencies in risk culture as well as the strained market for IT experts are the major obstacles with respect to the implementation of cyber risk management in SMEs, and that these challenges are similar across countries. The findings suggest that especially the relationship between cyber security culture and cyber risk management should be investigated further, and that a stronger link between the research streams on enterprise risk management and cyber risk management would be desirable. Originality/value This paper contributes to the literature by providing a systematic overview on the current state of SMEs' cyber risk management from a market perspective. The findings provide support for the existing academic literature by emphasizing the central role of cyber security culture (perception, knowledge, attitude) for a successful cyber risk management, which however should be addressed in more depth in future (empirical) research.


2020 ◽  
Vol 13 (11) ◽  
pp. 281
Author(s):  
Sorin Gabriel Anton ◽  
Anca Elena Afloarei Nucu

The Enterprise Risk Management (ERM) process has heterogeneously developed across the world, although it represents a leading paradigm, supporting organizations to identify, evaluate, and manage risks at the enterprise level. Academics have studied the process, but there is no complete picture of the determinants and implications of such an integrated risk management process. Therefore, we present a systematic empirical literature review on ERM, based on a research protocol. The review highlights that the ERM literature can be divided into four general lines of research: the ERM adoption, the determinants of the ERM implementation, the effects of ERM adoption, and other aspects. In contrast to the richness of studies devoted to ERM engagement in small and medium-sized enterprises (SMEs), studies exploring ERM adoption in banks or insurance are relatively few. The literature review has revealed that the most frequently investigated effect of ERM is on firm performance. Little effort has been dedicated to the analysis of the effectiveness of ERM by its components and to institutional, individual, and organizational factors that affect ERM adoption. The study can serve as a starting point for scholars to explore research gaps related to ERM, while the practitioners can rely on the presented findings to identify the effects of the ERM implementation.


2018 ◽  
Vol 19 (2) ◽  
pp. 137-153 ◽  
Author(s):  
Michael McShane

Purpose This paper aims to investigate the evolution of enterprise risk management (ERM) out of fragmented disciplinary perspectives to provide a foundation for promoting interdisciplinary research and proposes a design science approach for more effective ERM implementation in organizations. Design/methodology/approach This conceptual paper synthesizes ERM research and practice from multiple disciplines. Findings Corporate risk management concepts were born in academic finance and developed further in the finance subset known as risk management and insurance. With the advent of ERM, efforts must broaden beyond applying statistical models to quantifiable risks. Other disciplines have expanded ERM research by embracing techniques to investigate risk management practices to produce knowledge that integrates practice and theory. ERM is promoted as integrated risk management, yet silos still remain in both practice and research. Originality/value This study provides a foundation and a proposal for moving ERM past academic and organizational silos, which is necessary to achieve the ERM philosophy and increase organizational resilience. Understanding the evolution and fragmented nature of ERM research and practice provides a foundation for interdisciplinary cooperation necessary to achieve the holistic ERM philosophy. A next frontier is effective ERM implementation. This paper argues for an organizational design science approach for mitigating the resistance to change that confounds effective implementation of ERM in organizations facing an increasingly uncertain environment and outlines future research for applying the approach to implementing the ISO 31000 risk management process.


2020 ◽  
Vol 6 (1) ◽  
pp. 10
Author(s):  
Kin Bee Tay

A literature review was conducted on risks in businesses, types of risks and risk management in general, and further research was conducted for three of the selected global specialty chemical distributors, namely Brenntag, IMCD and Univar. The purpose of the research is to identify the risks and types of risk confronting the specialty chemical distribution sector, how they identify their risks, manage them, and quantify their risks, if at all. The stakeholder theory approach was adopted for the research on enterprise risk management. There was strong convergence on the risks identified from the research, the differences being only in the extent of the impact each of the risks had on the specific company. The choice of the global specialty chemical distributors, Brenntag, IMCD and Univar, for the research was justified because of their prominence in the global market space, and the risks identified would be representative of the risks in the chemical distribution sector. Different companies identify their risks and the types of risks differently, but there are many similarities in the risks identified between each of them. Many of the risks identified revolve around issues in financial, operational, legal and regulatory, economics and political, markets, and safety, health and the environment. The depth of the risks identified and analyzed by Brenntag, IMCD and Univar varies in their risk management process, but they all have invested significant effort in their financial risks, especially the impact of fluctuations in interest and foreign exchange rates on their financial performance.


2018 ◽  
Vol 13 (12) ◽  
pp. 203 ◽  
Author(s):  
Michele Rubino

The significance of the Enterprise Risk Management (ERM) is widely recognized by the academic and professional literature. Knowledge and management of business risks are an integral part of every successful business strategy and are increasingly becoming a primary factor of competitiveness. Although several risk management frameworks have been published and updated over time, these standards still have limitations. The advent of IT helped companies to better manage business risks. The rise of the IT governance has improved the management and the monitoring of business processes as well as the implementation of policies and procedures. The aim of this paper is twofold. First, a comparative analysis of the main risk management frameworks was carried out, highlighting their limits and weaknesses. Second, it was highlighted how the IT governance and the related frameworks as COBIT could contribute to a better implementation of the risk management process that allows to overcome the limitations of the examined standards.


2017 ◽  
Vol 18 (3) ◽  
pp. 234-251 ◽  
Author(s):  
Yevgen Bogodistov ◽  
Veit Wohlgemuth

Purpose The purpose of this study is to enhance the existing enterprise risk-management (ERM) theory by introducing both a resource-based view and a dynamic capability perspective. These strategic management concepts might resolve several theoretical shortcomings in the field of risk management. The concept of risk-management capabilities is proposed as an explanation of a firm’s risk resilience. Design/methodology/approach This paper is conceptual in nature. For illustrative purposes, the paper refers to practical examples. Findings First, the resource-based view provides a framework that helps to set priorities in risk management. Second, the dynamic capability perspective illustrates how firms can handle unforeseen events. Third, it is proposed that dynamic capabilities are needed to allow a constant reassessment of the impact of specific resources and, consequently, of ERM priorities. Fourth, a risk-management capability, as an integral part of a dynamic capability, allows firms to develop risk resilience in turbulent environments. Research limitations/implications This paper develops an enhanced framework for ERM within specific boundary conditions. It shows how priorities at the strategic level are to be set, and how these priorities influence the operational level of risk management. Practical implications The framework provides clear guidelines on setting priorities in ERM and implementing a risk-management process within firms. Originality/value This study contributes to the theoretical literature on ERM by enhancing it through a new framework. The resource-based view and dynamic capability perspective benefit through insights from risk-management literature.


2011 ◽  
Vol 26 (2) ◽  
pp. 305-319 ◽  
Author(s):  
Priscilla Burnaby ◽  
Susan Hass ◽  
Anthony O'Reilly

ABSTRACT Three related areas—Sarbanes-Oxley's requirements for control reports, COSO's Enterprise Risk Management (ERM) suggested control structure, and the enterprise risk management process—need more classroom materials to demonstrate to students the importance of a cohesive risk analysis process and control system for an organization to be successful and competitive. This case requires students to understand the importance of risk management, the implementation of an internal control structure, and a controls review in a hospital setting for compliance and administration of Medicare and Medicaid costs. Although the facts of the case are based on professionals' consulting experiences, the hospital in the case is fictional and is a composite of many client engagements. This case is appropriate for an analysis for potential fraud, a Sarbanes-Oxley Act (SOX) review of risks and internal controls, assessment of compliance with laws and regulations, and implementation of an enterprise-wide risk management system.


2021 ◽  
Vol 6 (1) ◽  
pp. 76-86
Author(s):  
Ervie Nur Afifa Mukhlis ◽  
Sylviana Maya Damayanti

PT. XYZ, one of the telecommunications infrastructure providers that suffered losses, gave a strong signal that the company was experiencing financial distress. The Altman z-score is used to know the condition of the company. Based on the result of the Altman z-score analysis, the company has to further analyze the cause of financial distress. To protect the company from bankruptcy risk, we cannot focus only on the financial aspect but must also consider various other aspects. Enterprise risk management is used as a tool to identify which risks could lead companies to experience financial distress and which risks should be mitigated. Risk assessment in this study uses the analytic hierarchy process to check and reduce expert inconsistency. After conducting the risk management process, monitoring and review are the final step and implementation of this study. The result of this study is that most of the risks, which are classified as high and medium risk, can be mitigated by reducing or transferring the risk, depending on the most suitable risk treatment. There are risks that are classified as low risk, environment risk and promotion risk.


2008 ◽  
Vol 6 (1-4) ◽  
pp. 443-448
Author(s):  
Shirley J. Daniel ◽  
Liming Guan ◽  
John P. Wendell

Boards of Directors and their audit committees are responsible for the oversight of risk management for the enterprise. Because entities are being asked by rating agencies to more explicitly describe their enterprise risk management processes, boards and management will be well served to employ risk management tools to efficiently and effectively assist them in identifying areas of higher financial reporting risk. Studies using digit pattern analysis of earnings have consistently found that reported earnings are subject to misstatements due to inappropriate rounding. Recent actions by regulators make it clear that such misstatements, even when relatively small in magnitude, are unacceptable. This article provides guidelines and a new tool for preventing and detecting such misstatements.

