MAPPING AND MODELING RISK
The Six Sigma literature provides a framework (Define, Measure, Analyze, Improve, and Control) suited to implementing a holistic ERM control process. In this section, we will outline the first steps: defining, measuring, and analyzing the risks and their drivers that the enterprise faces. The remainder of this chapter, as well as the next chapter, will address the final management portion (i.e., improve and control) of the process.
Though definitions in the literature vary widely, we will define enterprise risk to include the operational and financial risks (Figure 10.3). Operational risks are generally a product of the operating environment (e.g., location), internal processes (e.g., policies and procedures), and the organization (e.g., its people and organizational structure). These risks may include political, economic, labor, regulatory, product liability and litigation, and execution risks.
We define financial risk (also known as market risk) to include liquidity, interest rate, credit, currency, and commodity price risk. Financial risks tend to be the domain of corporate treasury and are subject to considerable scrutiny and quantitative analysis.
However, some asset classes such as pensions and real estate contribute considerable financial risk to the enterprise and are frequently outside the domain of corporate ...