Enterprise Risk Management (ERM)

“Risks are becoming more imminent,” the World Economic Forum warned in its Global Risk Report 2016. Existential threats confronting companies today are multiplying – think of new competitors, regulatory complexity, supply chain fragility and cyber-threats, to name just a few.

Risks threaten entire enterprises, not just business units, programs or processes. So organizations need enterprise risk management (ERM). ERM helps organizations manage risk from strategy setting to organizational culture to execution. It provides tools, templates and communications that can be applied consistently across the enterprise. It enables a portfolio view of risks and how they interconnect.

We served as the principal authors of the COSO ERM Integrated Framework in 2004, which became the leading framework for delivering ERM. And we’re leading the development of COSO’s revision in 2016:  ERM Enterprise Risk Management – Aligning Risk with Strategy and Performance.

 
Updating the COSO ERM Framework

Organizations have the opportunity to get more value out of their enterprise risk management programs. So we’re working with the COSO Board to update COSO’s Enterprise Risk Management – Integrated Framework.

Share your comments and sign up for updates.

 
What’s your risk advantage?

Rethink risk to create distinctive strategy, capabilities and performance

Read more

 
Resilience Journal & Risk Insights blog

Our best thinking and insights on turning risk into an advantage

Read more

1 2 3

We can help you:

  • Identify and assess risk to the achievement of your business objectives
  • Assess the effectiveness and efficiency of current risk responses against the full breadth of strategic, operational, financial and compliance risks
  • Reduce cost and improve effectiveness of governance, risk and compliance activities
  • Evaluate the effectiveness of your risk culture
  • Align risk strategy with performance
  • Support development of risk transfer strategies
  • Assess, design, or implement enterprise risk management capabilitiesbilities