A Comparison of the Main ERM Frameworks: How Limitations and Weaknesses can be Overcome Implementing IT Governance

2018
Vol 13 (12)
pp. 203
Author(s):  
Michele Rubino

The significance of the Enterprise Risk Management (ERM) is widely recognized by the academic and professional literature. Knowledge and management of business risks are an integral part of every successful business strategy and are increasingly becoming a primary factor of competitiveness. Although several risk management frameworks have been published and updated over time, these standards still have limitations. The advent of IT helped companies to better manage business risks. The rise of the IT governance has improved the management and the monitoring of business processes as well as the implementation of policies and procedures. The aim of this paper is twofold. First, a comparative analysis of the main risk management frameworks was carried out, highlighting their limits and weaknesses. Second, it was highlighted how the IT governance and the related frameworks such as COBIT could contribute to a better implementation of the risk management process that allows the limitations of the examined standards to be overcome.

2020
Vol 13 (11)
pp. 281
Author(s):
Sorin Gabriel Anton
Anca Elena Afloarei Nucu

The Enterprise Risk Management (ERM) process has heterogeneously developed across the world, although it represents a leading paradigm, supporting organizations to identify, evaluate, and manage risks at the enterprise level. Academics have studied the process, but there is no complete picture of the determinants and implications of such an integrated risk management process. Therefore, we present a systematic empirical literature review on ERM, based on a research protocol. The review highlights that the ERM literature can be divided into four general lines of research: the ERM adoption, the determinants of the ERM implementation, the effects of ERM adoption, and other aspects. In contrast to the richness of studies devoted to ERM engagement in small and medium-sized enterprises (SMEs), studies exploring ERM adoption in banks or insurance are relatively few. The literature review has revealed that the most frequently investigated effect of ERM is on firm performance. Little effort has been dedicated to the analysis of the effectiveness of ERM by its components and to institutional, individual, and organizational factors that affect ERM adoption. The study can serve as a starting point for scholars to explore research gaps related to ERM, while the practitioners can rely on the presented findings to identify the effects of the ERM implementation.


2018
Vol 19 (2)
pp. 137-153
Author(s):  
Michael McShane

Purpose: This paper aims to investigate the evolution of enterprise risk management (ERM) out of fragmented disciplinary perspectives to provide a foundation for promoting interdisciplinary research and proposes a design science approach for more effective ERM implementation in organizations. Design/methodology/approach: This conceptual paper synthesizes ERM research and practice from multiple disciplines. Findings: Corporate risk management concepts were born in academic finance and developed further in the finance subset known as risk management and insurance. With the advent of ERM, efforts must broaden beyond applying statistical models to quantifiable risks. Other disciplines have expanded ERM research by embracing techniques to investigate risk management practices to produce knowledge that integrates practice and theory. ERM is promoted as integrated risk management, yet silos still remain in both practice and research. Originality/value: This study provides a foundation and a proposal for moving ERM past academic and organizational silos, which is necessary to achieve the ERM philosophy and increase organizational resilience. Understanding the evolution and fragmented nature of ERM research and practice provides a foundation for interdisciplinary cooperation necessary to achieve the holistic ERM philosophy. A next frontier is effective ERM implementation. This paper argues for an organizational design science approach for mitigating the resistance to change that confounds effective implementation of ERM in organizations facing an increasingly uncertain environment and outlines future research for applying the approach to implementing the ISO 31000 risk management process.


2014
Vol 14 (3)
pp. 320-338
Author(s):
Michele Rubino
Filippo Vitolla

Purpose – The purpose of this paper is to illustrate how information technology (IT) governance supports the process of enterprise risk management (ERM). In particular, the paper illustrates how the Control Objectives for Information and related Technology (COBIT) framework helps a company reach its objectives by integrating and supporting the Enterprise Risk Management by the Committee of Sponsoring Organizations (COSO ERM) framework. Design/methodology/approach – This paper explains how the integration between the two frameworks (COSO ERM and COBIT 5) can represent, for any organization, a good way to achieve the objectives of internal control and risk management and, more generally, corporate governance. Findings – The paper identifies some gaps in the COSO ERM and illustrates how the COBIT framework facilitates the implementation of an adequate system of internal control. Originality/value – The originality of the work presented here is in analyzing the COBIT 5 together with the COSO ERM framework. This paper highlights that it is not enough to apply only an internal control framework for achieving the risk management and internal control system objectives. An IT governance framework, such as COBIT 5, is proposed as a tool that supports risk management in order to develop an adequate system of internal control.


Author(s):  
Hesty Erviani Zulaecha
Murtanto

Purpose: This research is designed to find empirical evidence on the influence of Foreign Ownership as moderating to enterprise risk management, business strategy, and firm age on sustainability performance. Design/Research method: This research was tested through random samples of 11 manufacturing companies period 2014-2017. Regression analysis was adopted to test the hypotheses. Finding: The results indicate that enterprise risk management, business strategy, and foreign ownership have significant influence to sustainability performance. But, the firm age doesn’t have influence on sustainability performance. Limitation: The use of secondary data and content analysis methods that cause limitations in conclusions and are subjective. Implication: This research shows that the harmonious relationship between strategic management related to enterprise risk management, business strategy, and the role of foreign ownership to achieve high sustainability performance


2020
Vol 6 (1)
pp. 10
Author(s):  
Kin Bee Tay

A literature review was conducted on risks in businesses, types of risks and risk management in general, and further research was conducted for three of the selected global specialty chemical distributors, namely Brenntag, IMCD and Univar. The purpose of the research is to identify the risks and types of risk confronting the specialty chemical distribution sector, how they identify their risks, manage them, and quantify their risks, if at all. The stakeholder theory approach was adopted for the research on enterprise risk management. There was strong convergence on the risks identified from the research and the differences being only on the extent of the impact each of the risks had on the specific company. The choice of the global specialty chemical distributors, Brenntag, IMCD and Univar, for the research was justified because of their prominence in the global market space and the risks identified would be representative of the risks in the chemical distribution sector. Different companies identify their risks and the type of risks differently, but there are many similarities on the risks identified between each of them. Many of the risks identified revolve around issues in financial, operational, legal and regulatory, economics and political, markets, and safety, health and the environment. The depth of the risks identified and analyzed by Brenntag, IMCD and Univar varies in their risk management process but they all have invested significant effort in their financial risks, especially the impact in fluctuations of interest and foreign exchange rates on their financial performances.


Author(s):  
Kevin Bastian Sirait

Given that the role of information technology (IT) governance and enterprise risk management (ERM) within the organization is imperative due to the ever-increasing complexity in the corporate environment, this study aims to uncover the relationship between IT governance and ERM along with the impact of the two frameworks’ interconnectedness on the organization’s performance through empirical literature review. Furthermore, the findings obtained from the empirical review are also used to create a checklist that every organization can apply. The purpose of the created checklist is to help organizations examine the interconnectedness of their IT governance and ERM with respect to their needs and objectives. The findings from the empirical review show that both IT governance and ERM emphasize the importance of strategic and process alignment regarding its implementation, and it is positively significant to the organization’s performance. Hence, the level of effectiveness of one’s IT- and risk-oriented approaches is dictated by how well an organization appropriately aligns its IT governance and ERM structure, mechanism, and process with its objectives, needs, and business operations.


2021
Vol 10 (46)
pp. 9-19
Author(s):
Andrey S. Boyar-Sozonovitch
Alexey Yu. Buikin
Kirill V. Pitelinskiy

Purpose of the work: within the framework of the concept of corporate risk management Enterprise Risk Management (ERM) to study the basic types of risks, assess their role in the modern economy, analyze external and internal operational risks and propose approaches to their quantitative assessment. As a research methodology, it is proposed to use the developed tools of mathematical and numerical modeling, which allows one to obtain, in the key of interest to the decision maker, qualitative and quantitative characteristics of the dynamics of business processes. The operational and economic risks (as very often occurring in the activities of subjects of economic relations) and directly affecting their economic and information security are considered in sufficient detail. It is noted that the risks associated with disruption of business continuity (which enterprises face in their activities) can be included in various classification systems of risks, grouped according to various criteria. The need to identify the mismatch between the design and actual metrics of the organizational structure (establishment of its structure and operating schemes based on the needs of the enterprise/organization) is indicated for solving the optimization problem.

