INTRODUCTION

The oversight of the enterprise risk management (ERM) process employed by an organization is one of the most important and challenging functions of a board of directors. In concert with senior management of the organization, the board must establish the appropriate “tone at the top” to ensure that risk and risk management considerations remain at the forefront of strategic and operating decisions made within the business. The recent crisis caused by the COVID-19 pandemic has wrought havoc on a global scale for organizations of all types and sizes. The novel coronavirus represents a single root-cause event that triggered an ever-expanding number of risks threatening all aspects of most enterprise operating models. Business leaders have confronted critical risks affecting their core businesses, threatening their profitability and even their survival.

Unfortunately, COVID-19 is but one of many examples of external risk events over the past two decades (e.g., terrorist threats, the 2008–2009 global financial crisis, BREXIT, accelerating climate change, and polarization and intransigence within the political arena) that have led many organizations to embrace ERM as a mechanism to help their senior leadership team obtain a top-down, holistic ...