Clicky

 

 
International Association of Risk and Compliance Professionals (IARCP)
Member Benefits                                                                   
How to Become a Member                                                  
Certified Risk and Compliance Training                   
Reading Room
Certified Risk and Compliance Management Professional
Certified Information Systems Risk and Compliance Professional
The Role of the Chief Risk Officer                                            Jobs for the Chief Risk Officer
Certification for the Chief Risk Officer                                          Books for the Chief Risk Officer 
 
 
 
Welcome to the Portal for the Chief Risk Officer
 
One of the most important challenges for the Chief Risk Officer is to implement an Enterprice Wide Risk Management program, following the Enterprise Risk Management — Integrated Framework by the Committee of Sponsoring Organizations of the Treadway Commission (COSO)

According to this framework, the underlying premise of enterprise risk management is that every entity exists to provide value for its stakeholders.
 
All entities face uncertainty, and the challenge for management is to determine how much uncertainty to accept as it strives to grow stakeholder value.
 
Uncertainty presents both risk and opportunity, with the potential to erode or enhance value.

Enterprise risk management enables management to effectively deal with uncertainty and associated risk and opportunity, enhancing the capacity to build value.

Value is maximized when management sets strategy and objectives to strike an optimal balance between growth and return goals and related risks, and efficiently and effectively deploys resources in pursuit of the entity’s objectives.
 
Enterprise risk management encompasses:

• Aligning risk appetite and strategy – Management considers the entity’s risk appetite in evaluating strategic alternatives, setting related objectives, and developing mechanisms to manage related risks.

• Enhancing risk response decisions – Enterprise risk management provides the rigor to identify and select among alternative risk responses – risk avoidance, reduction, sharing, and acceptance.
 
• Reducing operational surprises and losses – Entities gain enhanced capability to identify potential events and establish responses, reducing surprises and associated costs or losses.

• Identifying and managing multiple and cross-enterprise risks – Every enterprise faces a myriad of risks affecting different parts of the organization, and enterprise risk management facilitates effective response to the interrelated impacts, and integrated responses to multiple risks.

• Seizing opportunities – By considering a full range of potential events, management is positioned to identify and proactively realize opportunities.

• Improving deployment of capital – Obtaining robust risk information allows management to effectively assess overall capital needs and enhance capital allocation.

These capabilities inherent in enterprise risk management help management achieve the entity’s performance and profitability targets and prevent loss of resources.
 
Enterprise risk management helps ensure effective reporting and compliance with laws and regulations, and helps avoid damage to the entity’s reputation and associated consequences.
 
In sum, enterprise risk management helps an entity get to where it wants to go and avoid pitfalls and surprises along the way.

Events – Risks and Opportunities

Events can have negative impact, positive impact, or both.
 
Events with a negative impact represent risks, which can prevent value creation or erode existing value.
 
Events with positive impact may offset negative impacts or represent opportunities.
 
Opportunities are the possibility that an event will occur and positively affect the achievement of objectives, supporting value creation or preservation.
 
Management channels opportunities back to its strategy or objective-setting processes, formulating plans to seize the opportunities.

Enterprise Risk Management Defined

Enterprise risk management deals with risks and opportunities affecting value creation or preservation, defined as follows:

Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the
achievement of entity objectives.

The definition reflects certain fundamental concepts.
 
Enterprise risk management is:

• A process, ongoing and flowing through an entity

• Effected by people at every level of an organization

• Applied in strategy setting

• Applied across the enterprise, at every level and unit, and includes taking an entity level portfolio view of risk

• Designed to identify potential events that, if they occur, will affect the entity and to manage risk within its risk appetite

• Able to provide reasonable assurance to an entity’s management and board of directors

• Geared to achievement of objectives in one or more separate but overlapping categories

This definition is purposefully broad.
 
It captures key concepts fundamental to how companies and other organizations manage risk, providing a basis for application across organizations, industries, and sectors.
 
It focuses directly on achievement of objectives established by a particular entity and provides a basis for defining enterprise risk management effectiveness.
 

 
Every Monday
Top 10 risk and compliance management related news stories and world events

 
Do you want to receive every Monday the Top 10 risk and compliance management related news stories and world events that (for better or for worse) shaped the week's agenda, and what is next?
 
You may submit the form that follows. We meet strict national and international privacy standards. You can unsubscribe at any time.
 
 
 

Receive the New Member Orientation Newsletters
You will have the opportunity to learn what members registered before you have already learned. Understand better risk and compliance management, projects, careers, challenges and opportunities.
 
 

Join the International Association of Risk and Compliance Professionals (IARCP). Membership is Free
www.risk-compliance-association.com/How_to_become_member.htm

Benefits for Members:
www.risk-compliance-association.com/Member_Benefits.htm

Reading Room
www.risk-compliance-association.com/Reading_Room.htm

Certified Risk and Compliance Management Professional (CRCMP)
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm

Certified Information Systems Risk and Compliance Professional (CISRCP)
www.risk-compliance-association.com/CISRCP_Distance_Learning_and_Certification.htm

Privacy and Compliance with the Federal Trade Commission Fair, the California Online Privacy Protection Act, the Children Online Privacy Protection Act, the Privacy Alliance, the Controlling the Assault of Non-Solicited Pornography and Marketing Act
www.risk-compliance-association.com/Privacy.htm

   

 
Certified Risk and Compliance Management Professional (CRCMP)
Distance Learning and Online Certification Program

Certified Information Systems Risk and Compliance Professional (CISRCP) 
Distance Learning and Online Certification Program
 
To learn more:
www.risk-compliance-association.com/Distance_Learning_and_Certification.htm