8
A HOLISTIC ERM CONCEPT
Value is provided by improving opportunities to achieve organizational objectives, identifying operational improvements, and/or reducing risk exposure through both assurance and consulting services.
IIA Glossary
INTRODUCTION
This short chapter summarizes aspects of ERM that have appeared so far in the book. In this way, it is possible to assess the overall ERM process in a holistic way that brings in many of the issues that have been addressed in the earlier chapters. This wider view of risk is something that drives the development of internal auditing:
The sign of the future is the expansion from risk recognition to risk management. It is an example of internal auditing leading the field in providing a “value-added” ingredient to a time-honored function, the concern with risk and the use of risk-based auditing.1
ERM PROGRAM MODEL: PHASE ONE
We need to bring together the three key forces that influence an organization: (1) stakeholders' expectations, (2) business risk, and (3) the rules that are set by the various regulators. Our first model starts with the launch of the risk management program in Figure 8.1.
Each aspect of the model is described below:
Figure 8.1 ERM Program Model: Phase One
Stakeholders
We have already noted that organizations are increasingly being influenced by groups that have a voice in the way the management behave. This factor is ...
Get Auditing the Risk Management Process now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
