Enterprise risk management

Regardless of where you are in your risk management journey, we can support you in setting up a new or improving your existing ERM function to meet your aspirations for risk management. As co-authors of the COSO ERM standard, we understand how to adapt ERM principles to suit your unique operating model and objectives. This entails the development of your ERM framework, including the ERM policy, procedures, governance, strategy and risk appetite.

We support organisations in developing their risk appetite for all categories of risk and in quantifying the risk appetite thresholds. We then help organisations monitor the movement of risks identified through developing KRIs.

Our professionals are highly experienced in the risk management process, meaning we can implement your framework to help you, assess, treat and monitor your most important strategic risks across the enterprise. This typically involves the preparation of departmental and corporate risk registers, in addition to risk reporting and dashboards for management and boards.

We will help you to skill up your current risk management staff/ risk champions through formal workshops, digital training modules and on-the-job training to ensure smooth running of the risk management department.

We help you deter, prevent and detect fraud through conducting a thorough assessment of your unique fraud risk profile and the development of a robust fraud risk management framework. Subsequently, we develop a tailored fraud deterrence, prevention and detection programme, including setting up and improving internal controls and whistleblower programmes that help you detect and manage fraud in a timely and effective manner. Finally, we help you recover from fraud so you can emerge more resilient than before.

The risk culture element and supporting guidance is designed to assist our clients in responding to a shift in expectations from employees and customers alike. PwC provides organisations with a heightened focus on executives and boards roles and responsibilities in defining, measuring and overseeing risk culture and behavioural risk.