INTRODUCTION

One of the key building blocks of enterprise risk management (ERM) is the preparation and sharing of a corporate risk profile.¹ One might even go so far as to state that where there is no corporate risk profile there is no ERM. How a profile is prepared, how frequently it is prepared, and with whom it is shared are all subject to different treatments in each organization. However, a good guiding principle to follow is to keep it simple. Tools and methodologies should follow suit and not become overly bureaucratic or complex.

This chapter will hopefully assist organizations in choosing the most effective type of risk profile for their needs and provide guidance in preparing and communicating it to management and boards. The following descriptions of alternative methods will assist students of ERM to understand how and why profiles assist management and boards, and how these may be done most effectively in varying situations.

The chapter is organized into two parts. In the first part, readers are provided with background information on the definition, purpose, use, and types of risk profiles along with the advantages and disadvantages of the various methodologies used to gather the information needed to prepare a risk profile. It also covers how and why profiles assist management and boards and how these may be done most effectively ...