ERM Application Techniques

There's an almost infinite number of techniques businesses use in applying ERM, of which some of more effective ones are described in the Application Techniques volume of the COSO ERM report. They're organized around the Framework's eight components, with descriptions and illustrations of how the techniques are used. If you're looking for more in-depth guidance in applying ERM, I recommend spending time with that material. In the space available here, let's look at a few of those techniques.

Internal Environment

The internal environment is similar to the control environment in internal control, and is the foundation on which an effective ERM process rests. Among the techniques available to ensure a strong internal environment is use of what's called a risk-related culture survey, which enables management to gain insight directly from its people into how well the company's risk-management philosophy is integrated into the organization's culture.

Well-constructed surveys allow management to keep its finger on the pulse of the organization, which is especially helpful during times of change. The results—which can be in numerical or heat-map form—provide directional indicators of areas of strength and weakness in the organization's risk culture and a basis for management to zero in on where attention is needed. As with many surveys, while raw scores are telling, more relevant are directions and rates of change over time. An example of how survey questions ...

Get Governance, Risk Management, and Compliance: It Can't Happen to Us—Avoiding Corporate Disaster While Driving Success now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.