Sales | Retail
Auditing the Enterprise Risk Management System:Are We There Yet? “A good rule of thumb is to assume that “everything matters.”Richard Thaler Was that what a real Tsunami feels like?
Who would have thought that could happen!
We have an ERM; I had no idea it could get this bad!!!
Most companies have the knowledge and processes required by an Enterprise Risk Management (ERM) System. Yet stuff happens that appears to have come out of nowhere generating the question “Why didn’t our ERM alert us”. Just because a business has an ERM doesn’t mean it has the objective criteria or everyone within the business is applying the process from a practical perspective to take preventive action. Consequently, the business does not have an adequate understanding of the overall integrated business risks. Risk management is a means to bring visibility and control of the future.
Even the best ERMs are challenged requiring a deeper look at the root causes of what we term the “People Factors” generating the challenges. This necessitates a different perspective in the audit approach, tools and techniques to determine if your ERM is really working for or against the business. TakeawaysClear delineation of what constitutes an ERM
Major elements of an ERM and evaluation techniques
Why audit beyond the ERM
Understand and auditing the critical decision process associated with an ERM
Assess potential impacts to enterprise projects, operations, infrastructure, and support areas
Quantify the probability [likelihood] and consequences [impacts] of ERM failures
Auditing the continuous monitoring and control systems of the business environment
Defining the ERM maturity curve
Creating the risk management audit methodology PrerequisiteNone
Session Duration½ day; 4 hours
Auditing the Enterprise Risk Management (ERM) System 280.00