Enterprise Risk Management Model

This ERM model shows the relationship between essential ERM elements. Organizations’ leaders implement ERM to assist in enhancing performance toward the achievement of mission, goals and objectives. When implementing ERM, leaders must create a risk-aware culture and determine the organization’s risk appetite, that is, the extent to which the organization is willing to take and accept risks.

Once goals, objectives and strategies are set, leaders assess risks. The assessment involves identifying risk opportunities and risk threats, analyzing the impact and likelihood of risks occurring and determining how risks should be addressed. From this process, leaders develop a holistic view of risks the organization faces.

As part of the risk assessment process, leaders should create a feedback loop by ensuring that plans for addressing risks are monitored and the results of those activities are communicated back to them. Leaders need this type of information to respond to risk—e.g., by changing strategies, revising targets or outcomes or developing new goals and objectives. Ensuring that the organization is continuously monitoring the environment for emerging risk opportunities and risk threats is also a vital step.

If the essential elements are implemented effectively, the result is enhanced performance.