
Next-generation enterprise risk management - …



Next-generation enterprise risk management
Advancing strategy and performance in light of the COSO 2017 refresh

Heading into the beginning of the year, the EY Center for Board Matters published the Top priorities for US boards in 2017, which highlighted the importance of seizing opportunities while enhancing risk management as a key board priority. In particular, we emphasized the need to apply a more balanced, agile and integrated approach to enterprise risk management in order to sustain growth and performance.

The September 2017 release of the new COSO publication, Enterprise Risk Management—Integrating with Strategy and Performance, which is an update of their 2004 ERM framework, supports this expanded approach to ERM. The COSO update addresses the evolution of ERM and the need for organizations to improve their approach in managing risk to meet the demands of an evolving business environment. It additionally highlights the importance of considering risk in both the strategy-setting process and in driving performance.

The updated COSO Framework highlights the importance of integrating ERM with the strategies and performance objectives of an organization. This update:

- Provides greater insight into the value of ERM when setting and carrying out strategy
- Enhances alignment between business performance and ERM to improve the setting of performance targets and understanding the impact of risk on performance
- Accommodates expectations for governance and oversight
- Recognizes the globalization of markets and operations, and the need to apply a consistent and tailored approach across geographies
- Presents new ways to leverage risk information in setting objectives and monitoring developments in the context of greater business complexity
- Expands reporting to address expectations for greater stakeholder transparency
- Promotes evolving technologies and the use of data and analytics in supporting decision-making
- Sets out core definitions, components and principles for all levels of management involved in designing, implementing and conducting ERM practices

Next-generation ERM

Limitations of conventional ERM

Most companies' ERM programs operate with a compliance and informational focus and result in a highly detailed catalog of wide-ranging risks that exist within the organization, ranging from the nominal to the potentially catastrophic. Oftentimes, historical ERM processes have run independently and have not been integrated into the cadence of an organization's strategy-setting and performance management processes, sometimes resulting in mismanaged risks.

While the traditional compliance-based ERM approach is good for identifying and managing preventable risks, a company's strategic risks or external risks, such as cybersecurity, require a different approach based on open and explicit risk discussions. Many organizations apply a wide-ranging risk identification process rather than first considering the risks embedded in their business strategies. This may lead to some organizations failing to understand how megatrends are presenting risks to already established business models.

The board's role in ERM

COSO defines ERM as "The culture, capabilities, and practices, integrated with strategy-setting and performance, that organizations rely on to manage risk in creating, preserving, and realizing value" and emphasizes that organizations are most successful when they leverage the consideration of culture, strategy and business objectives in risk management. The framework is organized into five revised components and several underlying principles that overlay the business processes of the organization.

Enterprise risk management component* and board risk oversight responsibilities

Governance and culture
Governance and culture together form a basis for all other components of enterprise risk management. Governance sets the entity's tone, reinforcing the importance of enterprise risk management, and establishing oversight responsibilities for it. Culture is reflected in decision-making.
Board risk oversight responsibilities:
- Assess appropriateness of strategy, and risk inherent in the strategy
- Define board risk governance role and structure
- Oversee alignment of performance and risk taking to balance short- and long-term strategy achievement
- Understand how risks are monitored

Strategy and objective setting
ERM is integrated into the entity's strategic plan through the process of setting strategy and business objectives. With an understanding of business context, the organization can gain insight into internal and external factors and their effect on risk. An organization sets its risk appetite in conjunction with strategy setting. The business objectives allow strategy to be put into practice and shape the entity's day-to-day operations and priorities.
Board risk oversight responsibilities:
- Set expectations for integration of ERM into business management processes
- Discuss and understand risk appetite and alignment with expectations
- Require management to demonstrate understanding of risk capacity and ability to withstand large, unexpected events
- Review strategy against risk profile

Performance
An organization identifies and assesses risks that may affect an entity's ability to achieve its strategy and business objectives. It then prioritizes risks according to their severity and consideration of the entity's risk appetite. The organization then selects risk responses and monitors performance for change. In this way, it develops a portfolio view of the amount of risk assumed in the pursuit of its strategy and entity-level business objectives.
Board risk oversight responsibilities:
- Set expectations for risk reporting including risk appetite
- Understand risk assessment process
- Understand most significant risks and response strategies
- Understand scenarios that could alter risk profile

Review and revision
By reviewing ERM capabilities and practices, and the entity's performance relative to its targets, an organization can consider how well the ERM capabilities and practices have increased value over time and will continue to drive value in light of substantial changes.
Board risk oversight responsibilities:
- Ask about manifesting risks
- Challenge management to demonstrate suitability and functionality of ERM process

Information, communication and reporting
Communication is the continual, iterative process of obtaining information and sharing it throughout the entity. Management uses relevant information from both internal and external sources to support enterprise risk management. The organization leverages information systems to capture, process, and manage data and information. By using information that applies to all components, the organization reports on risk, culture and performance.
Board risk oversight responsibilities:
- Identify information required to execute board oversight
- Access internal and external information for oversight
- Obtain independent assessment of management perceptions and assumptions

* COSO's definition of the five components of the framework as published in Enterprise Risk Management—Integrating with Strategy and Performance, September 2017.

November 2017

What is Next-generation ERM?

The big step in ERM lies in shifting from primarily enterprise risk monitoring to risk-enabled performance management; it expands ERM from a protective risk management to a protect and grow mindset.

EY's Next-generation ERM framework is based on the following three components:

Advance: To achieve performance goals, organizations must effectively advance their strategic thinking by: 1) identifying and assessing

