<img src="https://ws.zoominfo.com/pixel/pIUYSip8PKsGpxhxzC1V" width="1" height="1" style="display: none;">

ERM Meaning

2 min read
Nov 12, 2018

ERM stands for enterprise risk management. The ERM meaning is defined by the Committee of Sponsoring Organizations (COSO) as the combination of culture, capabilities and practices that is managed by board members, management, and other personnel. Through ERM, these individuals set and carry out strategies. The purpose of ERM is to create, preserve, and realize value. 

ERM includes having standard procedures for strategizing, identifying risks and managing risks in a way that allows the firm to reach its goals.

The five components and principles of effective ERM include:

  • Governance and Culture

  • Strategy and Objective-Setting

  • Performance

  • Review and Revision

  • Information, Communication, and Reporting

Governance and Culture in ERM are concerned with determining who is responsible for risk management and the application of ethics. Managing these risks includes risk oversight by the board, setting up the operating structure, determining what culture is desired, showing commitment to core values, and employing highly-competent individuals.

The strategy component of ERM refers to a plan that includes risk management, strategy, and objective-setting. Strategic ERM is concerned with setting long-term goals that are compatible with the company’s mission. Using sound ERM principles, the bank establishes their risk appetite, analyzes the context the bank is operating in, evaluates various strategies, and sets specific business objectives.

Performance in ERM relates to how successful the bank is in identifying, assessing, prioritizing, and mitigating risks. In the Review and Revision component of ERM, the bank assesses significant changes, reviews the bank’s risks, and  evaluates the way the bank responded to them. In Information, Communication, and Reporting aspect of ERM, those responsible gather data and create reports to communicate the current state of risk, culture, and performance.

It is important that ERM be customized for each situation. Automating ERM reduces the amount of time banks need to commit to ERM and reduces risks. Controls can be monitored through ERM software. Reporting and communications can also be facilitated through ERM software. This software can also aid in learning the ERM software system.

Effective ERM can minimize many types of losses. The company becomes more financially stable as well when ERM strategies are successful. The company remains in good standing with the government and regulatory organizations through ERM. The resources of the firm, including financial resources, human resources, and vendor resources, can be protected by ERM so that the company can continue to work toward its mission.


Related: Creating Reliable Risk Assessments

Subscribe to the Nsight Blog