book

Implementing Enterprise Risk Management

Name: Implementing Enterprise Risk Management
Author: James Lam
ISBN: 9780471745198

by James Lam

March 2017

Beginner to intermediate

432 pages

11h 49m

English

Wiley

Read now

Unlock full access

Cover
Title Page
Copyright
Dedication
Preface
Overview of the BookSuggested Chapters by Audience
Acknowledgments
Part One: ERM in Context
Chapter 1: Fundamental Concepts and Current State
IntroductionWhat Is Risk?What Does Risk Look Like?Enterprise Risk Management (ERM)The Case for ERMWhere ERM Is NowWhere ERM Is HeadedNotes
Chapter 2: Key Trends and Developments
IntroductionLessons Learned from the Financial CrisisThe Wheel of Misfortune RevisitedGlobal AdoptionNotes
Chapter 3: Performance-Based Continuous ERM
IntroductionPhase Three: Creating Shareholder ValuePerformance-Based Continuous ERMCase Study: Legacy TechnologyNotes

Chapter 4: Stakeholder Requirements
IntroductionStakeholders DefinedManaging Stakeholder Value with ERMImplementing a Stakeholder Management ProgramAppendix A: Reputational Risk PolicyNotes
Part Two: Implementing an ERM Program
Chapter 5: The ERM Project
IntroductionBarriers to ChangeEstablish the VisionObtain Buy-In from Internal StakeholdersAssess Current Capabilities Against Best PracticesDevelop a RoadmapAppendix A: ERM Maturity ModelAppendix B: Practical Plan for ERM Program Implementation
Chapter 6: Risk Culture
IntroductionRisk Culture Success FactorsBest Practice: Risk EscalationConclusionNotes
Chapter 7: The ERM Framework
IntroductionThe Need for an ERM FrameworkERM Framework CriteriaCurrent ERM FrameworksAn Update: The Continuous ERM ModelDeveloping a FrameworkConclusionNotes
Part Three: Governance Structure and Policies
Chapter 8: The Three Lines of Defense
IntroductionCOSO's Three Lines of DefenseProblems with This StructureThe Three Lines of Defense RevisitedBringing It All Together: How the Three Lines Work in ConcertConclusionNotes
Chapter 9: Role of the Board
IntroductionRegulatory RequirementsCurrent Board PracticesCase Study: SatyamThree Levers for ERM OversightConclusionNotes
Chapter 10: The View from the Risk Chair
IntroductionTurnaround StoryThe GPA Model in ActionTop Priorities for the Risk Oversight CommitteeConclusionNotes
Chapter 11: Rise of the CRO
IntroductionHistory and Rise of the CROA CRO's Career PathThe CRO's RoleHiring a CROA CRO's ProgressChief Risk Officer ProfilesNotes
Chapter 12: Risk Appetite Statement
IntroductionRequirements of a Risk Appetite StatementDeveloping a Risk Appetite StatementRoles and ResponsibilitiesMonitoring and ReportingExamples of Risk Appetite Statements and MetricsNotes
Part Four: Risk Assessment and Quantification
Chapter 13: Risk Control Self-Assessments
IntroductionRisk Assessment: An OverviewRCSA MethodologyPhase 1: Setting the FoundationPhase 2: Risk Identification, Assessment, and PrioritizationPhase 3: Deep Dives, Risk Quantification, and ManagementPhase 4: Business and ERM IntegrationERM and Internal Audit CollaborationNotes
Chapter 14: Risk Quantification Models
IntroductionMarket Risk ModelsCredit Risk ModelsOperational Risk ModelsModel Risk ManagementThe Loss/Event DatabaseEarly Warning IndicatorsModel Risk Case Study: AIGNotes
Part Five: Risk Management
Chapter 15: Strategic Risk Management
IntroductionThe Importance of Strategic RiskMeasuring Strategic RiskManaging Strategic RiskAppendix A: Strategic Risk ModelsNotes
Chapter 16: Risk-Based Performance Management
IntroductionPerformance Management and RiskPerformance Management and CapitalPerformance Management and Value CreationSummaryNotes
Part Six: Risk Monitoring and Reporting
Chapter 17: Integration of KPIs and KRIs
IntroductionWhat Is an Indicator?Using Key Performance IndicatorsBuilding Key Risk IndicatorsKPI and KRI Program ImplementationBest PracticesConclusionNotes
Chapter 18: ERM Dashboard Reporting
IntroductionTraditional Risk Reporting vs. ERM Dashboard ReportingGeneral Dashboard RequirementsImplementing ERM DashboardsAvoid Common MistakesBest PracticesNotes
Chapter 19: Feedback Loops
IntroductionWhat Is a Feedback Loop?Examples of Feedback LoopsERM Performance Feedback LoopMeasuring Success with the ERM ScorecardNotes
Part Seven: Other ERM Resources
Chapter 20: Additional ERM Templates and Outlines
IntroductionStrategic Risk AssessmentCRO Report to the Risk CommitteeCybersecurity Risk Appetite and MetricsModel Risk PolicyRisk Escalation PolicyNotes
About the Author
Index
End User License Agreement

Content preview from Implementing Enterprise Risk Management

CHAPTER 3Performance-Based Continuous ERM

INTRODUCTION

From its beginnings in the early 1990s to its current incarnation, enterprise risk management (ERM) has undergone a dramatic transformation. Over time, ERM has evolved in response to a number of large-scale macroeconomic events as well as the business and regulatory changes those events precipitated. In so doing, ERM has adjusted its core focus and expanded the scope of risks it covers.

This continuing evolution can be organized into three major phases to reflect the changing landscape of enterprise risks in the past, present, and foreseeable future. Figure 3.1 provides a summary of the two major phases between the early 1990s and the present, as well as the next phase looking forward to the next 5–10 years.

A table for the summary of past, present, and future of ERM. — **FIGURE 3.1** The Past, Present, and Future of ERM

Phase One: Financial and Operational Risk

Financial institutions began developing ERM programs in the early 1990s to address financial concerns such as aggregate market risk and credit risk. In 1993, the Group of 30's (G30) “Derivatives: Practice and Principles” addressed risk areas such as credit, market, operations and systems, accounting, and disclosures for derivatives dealers and end users.¹ Financial risks continue to be focal points of ERM functions, especially within the banking and financial-services industry.

Unfortunately for a number of derivatives end ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Implementing Enterprise Risk Management: Case Studies and Best Practices

Publisher Resources

ISBN: 9780471745198Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design