Skip to main content

Enterprise Risk Management

Enterprise Risk Management (ERM) is a structured, disciplined and holistic approach to managing risk and aligning it with business strategy and objectives. With ERM in place, an organization is able to make more informed business decisions, increase efficiency and meet dynamic compliance mandates.  For this reason, corporate boards, executive management and regulators are pushing for the adoption of ERM in many public and private companies.

Focal Point's enterprise risk assessment methodology can have a profound impact on the culture of an organization by emphasizing the areas in which risk is accepted, understood and embraced as part of everyday operations.  For many organizations, it serves as the basis for the development of the annual internal audit plan, allowing the organization to utilize resources in the highest priority business areas.

Benefits of an Enterprise Risk Assessment

With an ERM implementation from Focal Point, your organization is able to:

  • Identify and measure risks that may impact business objectives
  • Assess the effectiveness of risk response processes
  • Reduce costs and deliver greater value from your internal audit function
  • Drive a risk-aware corporate culture
  • Prioritize audits and other GRC activities
  • Understand, remediate and prevent gaps in compliance
  • Effectively execute future enterprise risk assessments

Conducting an Enterprise Risk Assessment

A holistic enterprise risk assessment includes many types of risks – strategic, financial, operational, technology and regulatory.  For each risk type, Focal Point performs the following:

  • Risk Identification: Determining what is at risk and what are the sources
  • Risk Measurement: Assessing the consequences of the risk (and to a lesser extent, the likelihood of its occurrence)
  • Risk Prioritization: Selecting the appropriate resources to manage the risk

After your enterprise risk assessment, Focal Point delivers a comprehensive and actionable risk report, including an executive summary targeted at your corporate board or executive management.  The risk report provides a prioritized list of critical risks and the potential consequences of leaving these risks unaddressed.  It can be used by management to better allocate business resources and by internal audit to develop or validate an annual audit plan.


tweets by @FocalPointDR

Loading Tweets...