enterprise risk management [English]


InterPARES Definition

n. ~ A risk management program that considers the whole of an organization rather than an isolated part.

Other Definitions

  • Gartner IT Glossary (†298 s.v. enterprise risk management (ERM) applica): An integrated, thorough and strategic approach to the management of risk across the organization by helping organizations to identify, measure and manage various risk classes, including market risks, credit risks, liquidity risks and operational risks.
  • Wikipedia (†387 s.v. enterprise risk management): The methods and processes used by organizations to manage risks and seize opportunities related to the achievement of their objectives. ERM provides a framework for risk management, which typically involves identifying particular events or circumstances relevant to the organization's objectives (risks and opportunities), assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring progress. By identifying and proactively addressing risks and opportunities, business enterprises protect and create value for their stakeholders, including owners, employees, customers, regulators, and society overall.

Citations

  • Gartner IT Glossary (†298 s.v. "enterprise risk management (ERM) applic): Enterprise risk management (ERM) applications support the establishment of an integrated, thorough and strategic approach to the management of risk across the organization by helping organizations to identify, measure and manage various risk classes, including market risks, credit risks, liquidity risks and operational risks. In particular, the applications allow organizations to aggregate and normalize data from multiple data sources, including operational and financial systems. By providing a better understanding of the risks to business objectives, ERM enables better business performance. ERM applications also help companies address the increasing pressure from regulators to improve the risk reporting in annual reports and improve the board’s role in risk management oversight. ERM applications usually include functionality to extract data in a controlled way from multiple source systems, such as financial systems, into an integrated risk register. In addition, they include functions for risk analytics, reports and alerts to support decision making. ERM applications also include compliance-related functions, such as audit trails, regulatory reporting or control policy management. (†711)
  • ISACA Glossary (†743 s.v. enterprise risk management (ERM)): The discipline by which an enterprise in any industry assesses, controls, exploits, finances and monitors risk from all sources for the purpose of increasing the enterprise's short‐ and long‐term value to its stakeholders. (†1776)
  • Law 2011 (†581 s.v. risk management): 1. The variety of activities undertaken by an organization to control and minimize threats to the continuing efficiency, profitability, and success of its operations. The process of risk management includes the identification and analysis of risks to which the organization is exposed, the assessment of potential impacts on the business, and deciding what action can be taken to eliminate or reduce risk and deal with the impact of unpredictable events causing loss or damage. Risk management strategies include taking out insurance against financial loss or legal liability and introducing safety or security measures. 2. The process of understanding and managing the risks that an organization is inevitably subject to in attempting to achieve its corporate objectives. For management purposes, risks are usually divided into categories such as operational, financial, legal compliance, information, and personnel. (†1132)
  • Moss 2012 (†614 ): Effective, proactive enterprise risk management requires uniformity in data access, management and measurement. ...One can argue that enterprise risk is almost as opaque today as it was 20 years ago. We are better at knowing the problem and the symptoms, but we have made little progress in solving it. (†1405)