Enterprise risk management and bow ties: going beyond patient safety

Purpose The growing importance of risk management programmes and practices in different industries has given rise to a new risk management approach, i.e. enterprise risk management. The purpose of this paper is to better understand the necessity, benefit, approaches and methodologies of managing risks in healthcare. It compares and contrasts between the traditional and enterprise risk management approaches within the healthcare context. In addition, it introduces bow tie methodology, a prospective risk assessment tool proposed by the American Society for Healthcare Risk Management as a visual risk management tool used in enterprise risk management. Design/methodology/approach This is a critical review of published literature on the topics of governance, patient safety, risk management, enterprise risk management and bow tie, which aims to draw a link between them and find the benefits behind their adoption. Findings Enterprise risk management is a generic holistic approach that extends the benefits of risk management programme beyond the traditional insurable hazards and/or losses. In addition, the bow tie methodology is a barrier-based risk analysis and management tool used in enterprise risk management for critical events related to the relevant day-to-day operations. It is a visual risk assessment tool which is used in many higher reliability industries. Nevertheless, enterprise risk management and bow ties are reported with limited use in healthcare. Originality/value The paper suggests the applicability and usefulness of enterprise risk management to healthcare, and proposes the bow tie methodology as a proactive barrier-based risk management tool valid for enterprise risk management implementation in healthcare.

Download Full-text

Baseline risk assessment tool: A comprehensive risk management tool for process safety

Process Safety Progress ◽

10.1002/prs.10464 ◽

2011 ◽

Vol 30 (3) ◽

pp. 251-260 ◽

Cited By ~ 3

Author(s):

Paolo Cherubin ◽

Stefano Pellino ◽

Annamaria Petrone

Keyword(s):

Risk Assessment ◽

Risk Management ◽

Assessment Tool ◽

Risk Assessment Tool ◽

Management Tool ◽

Baseline Risk ◽

Process Safety

Download Full-text

MODELLING AND CONTROLLING THE ENTERPRISE RISKS COMPLEX ASSESSMENT SYSTEMON THE BASIS OF RUSSIAN STATE STANDARD ISO 9001-2015 CONCERNING RISK-ORIENTED THINKING. GENERAL PROBLEMS AND WAYS OF SOLVING THEM

Automation and modeling in design and management of ◽

10.30987/2658-6436-2020-2-33-41 ◽

2020 ◽

Vol 2020 (2) ◽

pp. 33-41

Author(s):

Irina Merzlyakova ◽

Aleksandr Feofanov

Keyword(s):

Risk Assessment ◽

Risk Management ◽

State Standard ◽

Control Model ◽

Enterprise Risk Management ◽

Iso 9001 ◽

Management Procedure ◽

Russian State Standard ◽

Russian State ◽

Enterprise Risk

The article considers general problems of implementing the enterprise risk management procedure. One of the ways to solve the problems arising when meeting Russian state standard ISO 9001-2015 requirements concerning risk-oriented thinking is presented. A risk assessment control model aimed at coordinating all kinds of the enterprise departments activities, forming a clear algorithm of risk management procedure implementation and attracting a greater number of employees towards this activity is offered.

Download Full-text

Does the hiring of chief risk officers align with the COSO/ISO enterprise risk management frameworks?

International Journal of Accounting and Information Management ◽

10.1108/ijaim-04-2016-0037 ◽

2017 ◽

Vol 25 (3) ◽

pp. 274-295 ◽

Cited By ~ 2

Author(s):

Erastus Karanja

Keyword(s):

Risk Management ◽

Enterprise Risk Management ◽

Clear Understanding ◽

Press Releases ◽

Apparent Lack ◽

Content Type ◽

Business Operations ◽

Enterprise Risk ◽

The Press ◽

Iso 31000

Purpose There are two main industry-sanctioned enterprise risk management (ERM) models, that is, COSO 2004 and ISO 31000:2009, that firms refer to when implementing ERM programs. Taken together, the two ERM models specify that firms should implement ERM programs to meet a strategic need, improve operations and reporting or to comply with government regulations or industry best practices. In addition, the focus of ERM implementation should be either the subsidiary, business unit, division, firm/entity or global level. The purpose of this study is to investigate whether firms are aligning their ERM implementations with these tenets: strategy, operations, reporting, compliance and the level of implementation. Design/methodology/approach The proxy for ERM implementation is the hiring of a Chief Risk Officer (CRO). The research data come from a sample of 122 US firms that issued a press release following the hiring of a CRO between 2010 and 2014. The press releases were retrieved and aggregated through content analysis in LexisNexis Academic. Findings The results reveal that many ERM implementations are occurring at the firm/entity level, and with the exception of reporting, firms consider ERM to be a strategic firm resource capable of improving business operations and compliance initiatives. Originality/value There is a dearth of research studies specifically investigating whether ERM programs adopted by firms are aligned with the specification of COSO 2004 and ISO 31000:2009 frameworks. The apparent lack of a clear understanding of the alignment between the firm ERM programs and the industry’s ERM frameworks may limit the development and implementation of ERM and the eventual realization of the benefits associated with a successful ERM implementation.

Download Full-text

How Can Enterprise Risk Management Help in Evaluating the Operational Risks for a Telecommunications Company?

Journal of Risk and Financial Management ◽

10.3390/jrfm14030139 ◽

2021 ◽

Vol 14 (3) ◽

pp. 139

Author(s):

José Ruiz-Canela López

Keyword(s):

Risk Management ◽

Banking Sector ◽

Operational Risk ◽

Field Work ◽

Risk Identification ◽

Enterprise Risk Management ◽

Management Tool ◽

Self Assessment ◽

Operational Risks ◽

Enterprise Risk

Operational risk is defined as the potential losses resulting from events caused by inadequate or failed processes, people, equipment, and systems or from external events. One of the most important challenges for the management of the company is to improve its results through its operational risk identification and evaluation. Most of Enterprise Risk Management (ERM) scholarship has roots in the finance/risk management and insurance (RMI) discipline, mainly in the banking sector. This study proposes an innovative operational risk assessment methodology (OpRAM), to evaluate operational risks focused on telecommunications companies (TELCOs), on the basis of an operational risk self-assessment (OpRSA) process and method. The OpRSA process evaluates operational risks through a quantitative analysis of estimates which inputs are the economic impact and the probability of occurrence of events. The OpRSA method is the “engine” for calculating the economic risk impact, applying actuarial techniques, which allow estimation of unexpected losses and expected losses distributions in a TELCO. The results of the analyzed business unit in the field work were compared with standardized ratings (acceptable, manageable, critical, or catastrophic), and contrasted against the company’s managers, proving that the OpRSA framework is a reliable and useful management tool for the business, and leading to more research in other sectors where operational risk management is key for the company success.

Download Full-text

Enterprise risk management and sustainability of banks performance

Journal of Accounting in Emerging Economies ◽

10.1108/jaee-10-2020-0278 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Babajide Oyewo

Keyword(s):

Risk Management ◽

Banking Sector ◽

Management Practice ◽

Enterprise Risk Management ◽

Annual Reports ◽

Banking Reform ◽

Content Type ◽

Enterprise Risk ◽

The Impact

PurposeThis study investigates firm attributes (namely level of capitalisation, scope of operation, organisational structure, organisational lifecycle, systemic importance and size) affecting the robustness of enterprise risk management (ERM) practice, the extent to which ERM affects the performance of banks and the impact of ERM on the long-term sustainability of banks in Nigeria. This was against the backdrop that the 2012 banking reform was a major regulatory intervention that mainstreamed ERM in the Nigerian banking sector.Design/methodology/approachThe study employed a mixed methodology of content, trend and quantitative analyses. Ex post facto research design was deployed to analyse performance differential of banks, with respect to the implementation of ERM, over a 10-year period (2008–2017). A disclosure checklist developed from the COSO ERM integrated framework was used to assess the robustness of ERM by content-analysing divulgence on risk management in published annual reports. The banking reform periods were dichotomised into pre- (2008–2012) and post- (2013–2017) reform periods. Jonckheere–Terpstra test, independent sample t-test and Mann–Whitney test were applied to analyse a total of 1,036 firm-year observations over the period 2008–2017.FindingsResult shows that bank attributes significantly affecting the robustness of risk management practice are level of capitalisation, scope of operation, systemic importance and size. Performance of banks improved slightly during the post-2012 banking reform period. This suggests that as banks consolidate on the gains of ERM, benefits of the regulatory policy on risk management may be realised in the long run. Result also shows that ERM enhances long-term performance, connoting that effective risk management could serve as a competitive strategy for surviving turbulence that typically characterises the banking sector.Practical implicationsThe emergence of level of capitalisation, scope of operation, systemic importance and size as determinants of ERM provides empirical evidence to support the practice of reviewing the capital requirements for banking business from time to time by regulatory authorities (i.e. recapitalisation policy) as a strategy for managing systemic risk. Top management of banks may consider instituting mechanisms that will ensure risk management is given prominence. A proactive approach must be taken to convert risks to opportunities by banks and other financial institutions, going forward, to cope with the vicissitudes of financial intermediation.Originality/valueThe originality of the study stems from the consideration that it provides some new insights into the impact of ERM on banks long-term sustainability in a developing country. The study also contributes to knowledge by exposing the factors determining the robustness of risk management practice. The study developed a checklist for assessing ERM practice from annual reports and other risk management disclosure documents. The paper also adds to the scarce literature on risk governance and risk management.

Download Full-text

Enterprise risk management and Solvency II: the system of governance and the Own Risk and Solvency Assessment

The Journal of Risk Finance ◽

10.1108/jrf-09-2019-0183 ◽

2020 ◽

Vol 21 (4) ◽

pp. 317-332 ◽

Cited By ~ 1

Author(s):

Pablo Durán Santomil ◽

Luis Otero González

Keyword(s):

Risk Management ◽

Insurance Industry ◽

Solvency Ii ◽

Enterprise Risk Management ◽

Insurance Companies ◽

Legal Form ◽

Content Type ◽

Enterprise Risk ◽

Solvency Assessment

Purpose The purpose of this paper is to analyze how enterprise risk management (ERM), the system of governance and the Own Risk and Solvency Assessment (ORSA) have been boosted with the entry of Solvency II. Design/methodology/approach For this analysis, the authors have undertaken a survey of chief risk officers (CROs) working in Spanish insurance companies. Findings The results show that Solvency II has definitely promoted ERM in the European insurance industry and improved the system of governance of the insurance companies, and that the perceived value of the ORSA for the companies is higher than the cost. It is clear that the quality of ERM implemented by companies is higher in those that face more complex risks and with greater interdependencies – that is, larger companies, foreign insurers and insurers with several lines of business – but is unaffected by the legal form of the entity (mutual/corporation). Originality/value This study conducts primary research with surveys of CROs and develops a measure of the quality of ERM implemented by insurance companies.

Download Full-text

Are Regulations Safe? Reflections From Developing a Digital Cancer Decision-Support Tool

JCO Clinical Cancer Informatics ◽

10.1200/cci.20.00148 ◽

2021 ◽

pp. 353-363

Author(s):

Ciarán D. McInerney ◽

Beverly C. Scott ◽

Owen A. Johnson

Keyword(s):

Risk Assessment ◽

Primary Care ◽

Patient Safety ◽

Medical Device ◽

Assessment Tool ◽

Risk Assessment Tool ◽

Cancer Risk Assessment ◽

The European Union ◽

Standards And Regulations ◽

Fit For Purpose

PURPOSE Informatics solutions to early diagnosis of cancer in primary care are increasingly prevalent, but it is not clear whether existing and planned standards and regulations sufficiently address patients' safety nor whether these standards are fit for purpose. We use a patient safety perspective to reflect on the development of a computerized cancer risk assessment tool embedded within a UK primary care electronic health record system. METHODS We developed a computerized version of the CAncer Prevention in ExetER studies risk assessment tool, in compliance with the European Union's Medical Device Regulations. The process of building this tool afforded an opportunity to reflect on clinical concerns and whether current regulations for medical devices are fit for purpose. We identified concerns for patient safety and developed nine practical recommendations to mitigate these concerns. RESULTS We noted that medical device regulations (1) were initially created for hardware devices rather than software, (2) offer one-shot approval rather than supporting iterative innovation and learning, (3) are biased toward loss-transfer approaches that attempt to manage the fallout of harm instead of mitigating hazards becoming harmful, and (4) are biased toward known hazards, despite unknown hazards being an expected consequence of health care as a complex adaptive system. Our nine recommendations focus on embedding less-reductionist and stronger system perspectives into regulations and standards. CONCLUSION Our intention is to share our experience to support research-led collaborative development of health informatics solutions in cancer. We argue that regulations in the European Union do not sufficiently address the complexity of healthcare information systems with consequences for patient safety. Future standards and regulations should continue to follow a system-based approach to risk, safety, and accident avoidance.

Download Full-text

Management accounting systems, enterprise risk management and organizational performance in financial institutions

Asian Review of Accounting ◽

10.1108/ara-03-2013-0022 ◽

2014 ◽

Vol 22 (2) ◽

pp. 128-144 ◽

Cited By ~ 11

Author(s):

Siti Zaleha Abdul Rasid ◽

Che Ruhana Isa ◽

Wan Khairuzzaman Wan Ismail

Keyword(s):

Risk Management ◽

Organizational Performance ◽

Financial Institutions ◽

Management Accounting ◽

Enterprise Risk Management ◽

Accounting Systems ◽

Content Type ◽

Management Accounting Systems ◽

Enterprise Risk ◽

And Control

Purpose – The purpose of this paper is to examine the linkages between management accounting systems (MAS), enterprise risk management (ERM) and organizational performance by examining MAS information characteristics that match ERM implementation and joint effects of MAS and ERM on organizational performance. Design/methodology/approach – The research method involved administering a questionnaire to 106 financial institutions (FIs) in Malaysia. The respondents were chief financial officers or staff members holding the most senior positions in the finance department of the institutions. Findings – The significant findings on the association between ERM and MAS show that implementation of ERM requires the use of sophisticated MAS information. ERM and MAS complement each other as both are integral to decision making, planning and control in an organization. The finding also substantiates the important role of ERM in enhancing non-financial performance. Research limitations/implications – This study covered only MAS as part of sub-control systems in an organization. Future studies could investigate the link between a more comprehensive management accounting and control system and ERM. Furthermore, this study used perceptual measures of MAS, ERM and organizational performance. Practical implications – The regulating body should promote best management practices of sophisticated MAS and ERM among FIs as these practices will create competitive advantage as well as help those institutions comply with regulations. Originality/value – This study has contributed to the body of knowledge on the linkages between MAS, risk management system and organizational performance.

Download Full-text

The effect of enterprise risk management (ERM) on firm value in manufacturing companies listed on Indonesian Stock Exchange year 2010-2013

Asian Journal of Accounting Research ◽

10.1108/ajar-06-2018-0006 ◽

2018 ◽

Vol 3 (2) ◽

pp. 224-235 ◽

Cited By ~ 1

Author(s):

Iswajuni Iswajuni ◽

Arina Manasikana ◽

Soegeng Soetedjo

Keyword(s):

Risk Management ◽

Firm Value ◽

Stock Exchange ◽

Enterprise Risk Management ◽

Managerial Ownership ◽

Manufacturing Companies ◽

Content Type ◽

Significant Negative Effect ◽

Enterprise Risk ◽

Negative Effect

Purpose The purpose of this paper is to identify the effect of enterprise risk management (ERM) with firm size, ROA and managerial ownership as control variables on firm value that is proxied by Tobin’s Q. Design/methodology/approach Population of this research was manufacturing companies listed on the Indonesian Stock Exchange (IDX) in 2010–2013. The used method in this research is multiple linear regression-ordinary least square and hypotheses testing using t-test to test the regression coefficients with level of significance of 5 percent. Findings The results showed that ERM, ROA and size of the company have a significant positive effect on the firm value. While the managerial ownership has a significant negative effect on the firm value. Originality/value The results showed that firm value increases as ERM, ROA and size of the company improves. While the managerial ownership has a significant negative effect on the firm value.

Download Full-text

Enterprise risk management: history and a design science proposal

The Journal of Risk Finance ◽

10.1108/jrf-03-2017-0048 ◽

2018 ◽

Vol 19 (2) ◽

pp. 137-153 ◽

Cited By ~ 11

Author(s):

Michael McShane

Keyword(s):

Risk Management ◽

Management Practices ◽

Design Science ◽

Enterprise Risk Management ◽

Content Type ◽

Research And Practice ◽

Enterprise Risk ◽

Risk Management Process ◽

Management Concepts ◽

Science Approach

Purpose This paper aims to investigate the evolution of enterprise risk management (ERM) out of fragmented disciplinary perspectives to provide a foundation for promoting interdisciplinary research and proposes a design science approach for more effective ERM implementation in organizations. Design/methodology/approach This conceptual paper synthesizes ERM research and practice from multiple disciplines. Findings Corporate risk management concepts were born in academic finance and developed further in the finance subset known as risk management and insurance. With the advent of ERM, efforts must broaden beyond applying statistical models to quantifiable risks. Other disciplines have expanded ERM research by embracing techniques to investigate risk management practices to produce knowledge that integrates practice and theory. ERM is promoted as integrated risk management, yet silos still remain in both practice and research. Originality/value This study provides a foundation and a proposal for moving ERM past academic and organizational silos, which is necessary to achieve the ERM philosophy and increase organizational resilience. Understanding the evolution and fragmented nature of ERM research and practice provides a foundation for interdisciplinary cooperation necessary to achieve the holistic ERM philosophy. A next frontier is effective ERM implementation. This paper argues for an organizational design science approach for mitigating the resistance to change that confounds effective implementation of ERM in organizations facing an increasingly uncertain environment and outlines future research for applying the approach to implementing the ISO 31000 risk management process.

Download Full-text