Welcome to the Portal for the Chief Risk Officer
First of all, thank you for visiting our pages. We hope that
you'll find a lot of useful information.
One of the most important challenges for the Chief Risk Officer is to
implement an Enterprise-Wide Risk Management program, following the
Enterprise Risk Management — Integrated Framework by the
Committee of Sponsoring Organizations of the Treadway Commission
(COSO).
According to this framework, the
underlying premise of enterprise risk management is that every
entity exists to provide value for its stakeholders.
All entities face uncertainty, and the
challenge for management is to determine how much uncertainty to
accept as it strives to grow stakeholder value.
Uncertainty presents both risk and
opportunity, with the potential to erode or enhance value.
Enterprise
risk management enables management to effectively deal with
uncertainty and associated risk and opportunity, enhancing the
capacity to build value.
Value is maximized when management
sets strategy and objectives to strike an optimal balance
between growth and return goals and related risks, and
efficiently and effectively deploys resources in pursuit of the
entity’s objectives. Enterprise risk management encompasses:
• Aligning risk appetite and strategy – Management considers the
entity’s risk appetite in evaluating strategic alternatives,
setting related objectives, and developing mechanisms to manage
related risks.
• Enhancing risk response decisions – Enterprise risk management
provides the rigor to identify and select among alternative risk
responses – risk avoidance, reduction, sharing, and acceptance.
• Reducing operational surprises and losses – Entities gain enhanced
capability to identify potential events and establish responses,
reducing surprises and associated costs or losses.
• Identifying and managing multiple and cross-enterprise risks – Every
enterprise faces a myriad of risks affecting different parts of
the organization, and enterprise risk management facilitates
effective response to the interrelated impacts, and integrated
responses to multiple risks.
• Seizing opportunities – By considering a full range of potential
events, management is positioned to identify and proactively
realize opportunities.
• Improving deployment of capital – Obtaining robust risk information
allows management to effectively assess overall capital needs
and enhance capital allocation.
These capabilities inherent in
enterprise risk management help management achieve the entity’s
performance and profitability targets and prevent loss of
resources.
Enterprise risk management helps ensure
effective reporting and compliance with laws and regulations,
and helps avoid damage to the entity’s reputation and associated
consequences.
In sum, enterprise risk management
helps an entity get to where it wants to go and avoid pitfalls
and surprises along the way.
Events – Risks and Opportunities
Events can have negative impact,
positive impact, or both.
Events with a negative impact represent
risks, which can prevent value creation or erode existing value.
Events with positive impact may offset
negative impacts or represent opportunities.
Opportunities are the possibility that
an event will occur and positively affect the achievement of
objectives, supporting value creation or preservation.
Management channels opportunities back
to its strategy or objective-setting processes, formulating
plans to seize the opportunities.
Enterprise Risk Management Defined
Enterprise risk management deals
with risks and opportunities affecting value creation or
preservation, defined as follows:
Enterprise risk management is a
process, effected by an entity’s board of directors, management
and other personnel, applied in strategy setting and across the
enterprise, designed to identify potential events that may
affect the entity, and manage risk to be within its risk
appetite, to provide reasonable assurance regarding the
achievement of entity objectives.
The definition reflects certain
fundamental concepts. Enterprise risk management is:
• A process, ongoing and flowing through an entity
• Effected by people at every level of an
organization
• Applied in strategy setting
• Applied across the enterprise, at every
level and unit, and includes taking an entity level portfolio
view of risk
• Designed to identify potential events
that, if they occur, will affect the entity and to manage risk
within its risk appetite
• Able to provide reasonable assurance to
an entity’s management and board of directors
• Geared to achievement of objectives in
one or more separate but overlapping categories
This definition is purposefully
broad.
It captures key concepts fundamental to
how companies and other organizations manage risk, providing a
basis for application across organizations, industries, and
sectors.
It focuses directly on achievement of
objectives established by a particular entity and provides a
basis for defining enterprise risk management effectiveness.
We will discuss:
The Role of the Chief Risk Officer
You may visit the Role of the Chief Risk Officer page.
The Certification for the Chief Risk Officer
You may visit the Certification for the Chief Risk Officer page.
Books for the Chief Risk Officer
You may visit the page about the Books for the Chief Risk Officer.
Association for the Chief Risk Officer
You may visit the page about the Association for the Chief Risk Officer.
Training for the Chief Risk Officer
You may visit the page about the Training for the Chief Risk Officer.
Jobs for the Chief Risk Officer
You may visit the page about the Jobs for the Chief Risk Officer.