The COSO Framework for Internal Control
February 12, 2025
The volatility present in the market is always mentioned in a negative manner. However, if one looks carefully at the function performed by market volatility, this negative connotation seems unnecessary. This is because, in the absence of volatility, making profits would also be impossible. It is this volatility, which enables the fluctuation of prices that […]
What is the Chain of Command and how it worked in the Satyam and Infosys Crises’ We often hear the term Chain of Command mentioned in terms of how corporates need to have well defined rules for who becomes the decision maker when the CEO or the Chief Executive Officer is unable to or barred […]
The Fintech revolution has startled many industries. Insurance is one of the industries that have been affected. A large percentage of insurance executives believe that they use outdated technology as a part of their day to day operations. Hence, they are also of the opinion that the insurance industry is prone to attacks and disruptive […]
To deliver an effective presentation or speech, an individual has to take care of his communication and it has to be really impressive and effective. No one will really take the pains to listen to your ideas unless and until your communication is effective and impressive. Only speaking is not the solution, how you deliver […]
In today’s fast pace world, we all lead a virtual life parallel to an actual one. The regular live chats on Skype or status updates on Facebook, which ensure one stays connected with his/her dispersed acquaintances, provide the social platforms for this ‘virtual world’ to exist. When these groups of individuals come together for a […]
The CAS committee on Enterprise risk management has given the following definition of the same - ‘The discipline by which any organization in any industry assesses, controls, exploits, finances and monitors risk from all the sources for the purpose of increasing organizations short-term and long-term value to its stakeholders’.
In simpler terms enterprise risk management includes all the tools and processes employed by an organization to manage and control risks and grab more opportunities in the market place. It provides a framework for better risk management.
Enterprise risk management starts with identification of events that are of relevance to the organization, the risks and opportunities. These events are evaluated on the basis of their impact and probability of occurrence and a strategy is designed to counter or meet the same; all this to add more value to stakeholders.
It is an approach where in risk is looked upon as an opportunity and at the same time is monitored such that it may not affect an organization to a large extent.
Typically the following four strategies, called as ‘risk response strategy’ are adopted by organizations while facing a risk.
Conceptual Framework: ERM in the table below has been conceptualized in two dimensions, one showing the types of risk and other the various risk management process steps.
ERM Framework | ||||
Process Steps | Types of Risk | |||
Hazard | Financial | Operational | Strategic | |
Establish Context | ||||
Identify Risks | ||||
Analyze/Quantify Risks | ||||
Integrate Risks | ||||
Assess/Prioritize Risks | ||||
Treat Risk | ||||
Monitor and Review |
A brief explanation of the various kinds of risk is as follows:
Hazard Risk: Natural disasters, liability damages, Property damages due to fire, tornado etc, injury or illness to its employees.
Financial Risk: Risks like foreign exchange risk, commodity risk, pricing risk, asset risk, liquidity risk.
Operational Risk: labor relations, customer satisfaction, product failure etc.
Strategic Risk: Competition, fluctuation in demand and market price, regulatory and political trends, social trend, capital availability.
The other dimension of the table carries the steps of entire risk management process. The process starts from an understanding the conditions in which organization operates (Establishing context). In the next stage various threats are identified (Identifying threats) proceeded by analysis of risks.
The risks are then integrated and prioritized. In the penultimate stage strategies are designed for controlling risks (Treat Risk). Finally, the risk environment is continually monitored and the strategies are evaluated.
Organizations have various departments and functions that identify, manage and deal with different risks. These risk functions or departments vary in capability and coordinates in a unique fashion with other functions. The entire task of enterprise risk management revolves around improving or enhancing this coordination. Finally stakeholders need a cohesive picture which is provided as the output of enterprise risk management. ERM thus, enables and improvises organization’s ability to deal with risks better.
Your email address will not be published. Required fields are marked *