Topic : Enterprise risk management
Literature review –> add 2-3 pages to the existing document.
Discussion –> add 2-3 pages
Conclusion page –> add 1 page
ITS835 – Enterprise Risk Management
Dr. Jerry Alsay
University of the Cumberlands
All research reports begin with an introduction. (1 – 2 Pages)
Provide your reader with a broad base of understanding of the research topic. The goal is to give the reader an overview of the topic, and its context within the real world, research literature, and theory. (3 – 5 Pages)
This section should clearly articulate how the study will relate to the current literature. This is done by describing findings from the research literature that define the gap. Should be very clear what the research problem is and why it should be solved. Provide a general/board problem and a specific problem (150 – 200 Words)
Using your annotated bibliography, construct a literature review. (5-10 pages)
Provide a discussion about your specific topic findings. Using the literature, you found, how do you solve your problem? How does it affect your general/board problem? (3-5 pages)
Running Head: ERM 1
Research Paper Draft
ITS835 – Enterprise Risk Management
Dr. Jerry Alsay
University of the Cumberlands
Risk can be explained as a combination of diverse things or activities that a person, a group or organization is doing knowing that they might experience hardships and have knowledge on what they expect but do it anyway since there is a possibility of success. Risk management is a process that assist the organizations to comprehend what are the risk they are anticipating, who might experience the risk, what are the possible control for the risk and making a conclusion on whether these control are adequate or are they not adequate.
Enterprise risk management is explained as the process of organizing, planning, controlling and leading the actions of an enterprise for them to reduce the impacts of risks on the enterprise earnings and capital. The enterprise risk management comprises of strategic, operational and financial risk connected to the accidental losses. Recently, there have been external factors that has encouraged organizations to implement the use of ERM. Government regulatory and industries have started scrutinizing organizations risk management procedures and policies and a rising number of industries, BOD are needed to evaluate and report the relevance of risk management processes in the companies they facilitate.
Organizations might gain by transforming the corporate culture to focus more on overall risk minimization from the aim of meeting IT obligations. Most of the organizations have discovered that ERM has the ability to offer new competitive advantage which has made most organizations to implement ERM. ERM is one of the major achievement that most of the organizations are striving to implement. This paper will focus on discussing the background understanding of ERM, the advantages of ERM and the implementation of ERM in organizations.
There exist diverse ways in which most organization respond to hazards and some doubt the utilization of ERM. However, there are some organization that currently understand the importance of implementing ERM to their organizations. Just like other transformation processes happening inside an organizations, ERM offers an opportunity for the financial and management accounting professional to change how they are viewed by other companies (Waseem et al., 2017). Through becoming a strategic partner with the ERM adoption, the company can see the “bean sprouters” of the new administrative initiative other than just “bean counters.” When organizations implement ERM they can transform from just being the custodians and historians of accounts to becoming futuristic thinkers. Organizations can transform and become couches as well as players in the new management initiative necessary to the future of the company well-being.
When adopting a good ERM based system inside an organization, technology participates a very significant role since it is always the most essential component for companies to run effectively and successfully. Technology assist in the provision of timely information that assist in the identification, response and analysis of risk. The transformations inside an organization and the technology transformation are what triggers the auditors to realize as well as monitor the effects of risk management (Khan & Ali, 2017). Advanced technology is the best asset for any organization that is working on managing risks.
There are diverse strategies an organization can implement to handle risk. The first method to handle organization risk is avoidance; organization should try and avoid the activities that might cause risk to the company. The other strategy is that the organization can utilize the minimization process to minimize the effects of hazards. The other strategy is by utilizing alternative action that might reduce the associated risks. The organization can also focus on securing their properties which will assist them to reduce the amount of risk occurrence. Using ERM the organization is in a position to realize risks and decide if they are worth try or if they should avoid the risk (Oliva, 2016).
There are diverse processes connected to enterprise risk management procedure. The first process is known as the context establishment. Context establishment needs the organization comprehending the present conditions of where they operate (Yılmaz & Flouris, 2017). The organization needs to understand the micro and macro environment so that it can realize the impact of a certain risk. The second process is the identification of risks that are a danger to the organization. The company should identify all those risk that have a probability of hindering progress and growth of the organization.
The third one is that the company should analyze risk that are connected with the company. It is the duty of the organization at this step to calibrate any material risk and create the possible result of risk along with the company risks. The other process that ERM incorporates is the exploitation of the organization risks (Kaya, 2018). The organization come up with diverse strategies that can assist the management of risks connected to the company. The final process of the ERM is the observation of risk environment as well as the determination of performance of implemented risk management plans.
The different types of risks that hinder success of an organization include the strategic risk, compliance risk, reputation risk, operational risk and financial risk. Various occurrence lead to the strategic risk like the technological changes as well as powerful competitors getting to the market or shifting of the clients wants. Compliance incorporates risks that are connected to states laws and regulations. The organization will undergo the compliance risk when it enlarge its enterprise activities to other nations.
The operation risk is the most unanticipated failure of a company (Cohen et al., 2017). Operational risk might be caused by technical failures like the employee recording wrong amount on the check. Financial risk has a great economic effect on the organization. This risk affects the business financial flows. There is a huge probability that a huge amount of debt might raise the financial risk of a company, which can reduce the growth of the organization. Reputational risk occurs when the organization reputation is damaged. When the organization status is damaged it might lead to loss of customers which in turn leads to the reduction of revenue for the organization.
The diverse challenges that organization might experience when adopting ERM are; the organization might find it hard to use ERM. The organization quantifies the risks, and this might increase issues concerning risk distribution to the macro regulators. It is the duty of the top management to balance the risk visibility in a company. The other challenge include the risk to create continuous risk taxonomy. Risk taxonomy is the inconsistencies which threaten the organization strategies, goals and objectives.
The other challenge is if one should utilize the quantitative or the qualitative approach to create critical decisions for the company. This means there is need for analytical support to minimize the adoption cost of risk resolution (Brown et al., 2019). The other challenge that the enterprise risk management implementation has is time horizon based on the company’s desire to put focus on the risk management. The last challenge is the ownership which forms dispute in the company’s management board.
ERM is an important procedure of the company that recognizes a methodological way of handling risks. This researcher paper will explain the method for risk reduction or mitigation of risks utilizing the enterprise risk management as discussed by several authors. This paper will also offer ways in which organization might handle the dangers presented by different type of risks. ERM sometimes face challenges when it comes to implementation in some organizations, this paper will offer proper guidelines on the procedure of implementing ERM in the organizations.
Some organizations do not understand the importance of using ERM, this paper will offer explanations of the importance of ERM in the organization, and it will also explain what will be different if the organization decide to use ERM to handle their risks. Some organization are also not aware of the emerging risks that they might experience in the future, however, this paper will offer information on how the implementation of ERM help organization realize risks and plan on how to handle them.
Alwi, S., Razak, S. E. A., Aslam, S. N. A. M., Basir, I. N., & Salleh, M. N. M. (2019). Explain that enterprise risk management is a set of activities utilized to impact the organization management of the risk that affect the whole organization. The author explain that ERM is the best method to use since it covers all the risks in a business not only the discrete risk in the internal part of the business but also those that affect the business externally. Brown, J., Duane, M., & Schuermann, T. (2019), explain that risk management affect most of the current organization since they do not handle it in the right way. The article also add on this by explaining how most organization have failed to manage their risk since they do not follow the procedures needed for implementing risk which result to them facing diverse challenges like time horizon based on the company’s desire to put focus on the risk management.
According to Oliva, F. L. (2016) article, enterprise risk management is mostly an issue in most of the current organizations. The article explains the diversity of what most organizations believe about ERM. The author explains that there is an increasingly competition that is brought by organizations that implement the use of ERM. There are some importance that the author explain for using ERM such as the preparation of risk, risk mitigation and risk reduction. Companies that use ERM are not comparable to those that do not use ERM, there is a great difference when it comes to performance.
Waseem-Ul-Hameed, F. H., Ali, M., & Arif, M. (2017), explain that the level of risk management adoption is the main element in the prosperity of ERM. Most organization fail to apply the risk management procedures which cause their risk management not to perform as well as expected to mitigate the expected risks. It is importance that organizations understand the need of applying the risk management procedure to ensure that ERM is successful in their organization. The author offers ways of developing a better ERM system through solving the issue of risk management application.
According to Brustbauer, J. (2016), there are some preconditions that one should follow for the implementation of ERM. According to the author most small enterprises either use active or the passive ERM method, that which impact the organization strategic orientation. The passive ERM approach is the approach is a defensive strategy while the active approach is referred to as the offensive method. There is need that organization utilize these two methods depending on the type of market they are dealing with. These methods help the organizations to realize the best method that they can use to adopt to the changing environment and the risk presented with the changing environment. Yılmaz, A. K., & Flouris, T. (2017), supports thes analysis by explaining how most business use the holistic and the tailored methodology to run their business. According to the author different organizations will need a different method to handle their risk, however, it is best that the organizations utilizes the ERM method as their way of managing risk since it has proved to be a successful methods.
Cohen, J., Krishnamoorthy, G., & Wright, A. (2017), explain the impact of ERM in the financial reporting processes. According to the authors, the current financial crisis happening in most organization has presented the need for organization to manage and handle their risk one approach that most organizations have supported is the use of enterprise risk management. The link amid ERM and financial reporting’s of organizations is important since the financial reporting show the financial position and the connected risk of the organization as identified by the enterprise risk management.
Kaya, İ. (2018). According to this author, the utilization of ERM is important in the organization since it offers the organization closure to identifying the possible risks and how to mitigate the risks. The author explains how risk affects the business financial flows. There is a huge probability that a huge amount of debt might raise the financial risk of a company, which can reduce the growth of the organization. ERM help realize the financial risks and help the organization avoid these risks or mitigate the financial risk after the occurrence.
The article written by Khan, S. N., & Ali, E. I. E. (2017) explains how using ERM is beneficial to organizations. The article explain how in the recent years most institutions have reported advancement due to the utilization of ERM framework in managing the different type of risks. ERM is known to be the most adminrable way to handle risk in the current era. Through moderating the function of intellectual capital in connection between firm performance and ERM one can realize that the difference is brought in by the use of ERM. Firms that have more intellectual capital are in a position to tackle the impacts of the unanticipated transformation in markets and economies. To achieve best performance organizations have adopted the use of ERM.
All organizations include the SMEs should implement the use of ERM. ERM has a lot of advantages to the business than the challenges that it might face. The challenges that organizations face after the implementation of ERM are mostly as a result of failure to follow the right procedure for risk management. If the organization follow the risk procedure then there will be no disadvantages since they will be in a position to realize the risk and weigh them to see if they are valuable or they should be avoided (Alwi et al., 2019). Not all risk should be avoided some risk are worth the try and that is why ERM is important to realize if the risk are worthy or not. When adopting a good ERM based system inside an organization, technology participates a very significant role since it is always the most essential component for companies to run effectively and successfully.
When organizations implement ERM they can transform from just being the custodians and historians of accounts to becoming futuristic thinkers. Organizations can transform and become couches as well as players in the new management initiative necessary to the future of the company well-being. Technology assist in the provision of timely information that assist in the identification, response and analysis of risk. The different types of risks that hinder success of an organization include the strategic risk, compliance risk, reputation risk, operational risk and financial risk (Brustbauer, 2016).
There are diverse strategies an organization can implement to handle risk. The first method to handle organization risk is avoidance; organization should try and avoid the activities that might cause risk to the company (Vij, 2019). There are some preconditions that one should follow for the implementation of ERM. According to the author most small enterprises either use active or the passive ERM method, that which impact the organization strategic orientation. The passive ERM approach is the approach is a defensive strategy while the active approach is referred to as the offensive method.
Alwi, S., Razak, S. E. A., Aslam, S. N. A. M., Basir, I. N., & Salleh, M. N. M. (2019). Enterprise Risk Management and Corporate Governance Strategic: Emerging Firm Value. Enterprise Risk, 28(18), 305-315. Retrieved from
Brustbauer, J. (2016). Enterprise risk management in SMEs: Towards a structural model. International Small Business Journal, 34(1), 70-85. Retrieved from
Brown, J., Duane, M., & Schuermann, T. (2019). What is enterprise risk management?. Journal of Risk Management in Financial Institutions, 12(4), 311-319. Retrieved from
Cohen, J., Krishnamoorthy, G., & Wright, A. (2017). Enterprise risk management and the financial reporting process: The experiences of audit committee members, CFO s, and external auditors. Contemporary Accounting Research, 34(2), 1178-1209. Retrieved from
Kaya, İ. (2018). Perspectives on Internal Control and Enterprise Risk Management. In Eurasian Business Perspectives (pp. 379-389). Springer, Cham. Retrieved from
Khan, S. N., & Ali, E. I. E. (2017). The moderating role of intellectual capital between enterprise risk management and firm performance: A conceptual review. American Journal of Social Sciences and Humanities, 2(1), 9-15. Retrieved from
Oliva, F. L. (2016). A maturity model for enterprise risk management. International Journal of Production Economics, 173, 66-79. Retrieved from
Waseem-Ul-Hameed, F. H., Ali, M., & Arif, M. (2017). Enterprise risk management (ERM) system: Implementation problem and role of audit effectiveness in Malaysian firms. Asian Journal of Multidisciplinary Studies, 5(11). Retrieved from
Yılmaz, A. K., & Flouris, T. (2017). Business and Strategy Via Integration of Enterprise Risk Management: Air Transportation Case Study. Springer-Verlag Singapore Pte LTD. Retrieved from
Vij, M. (2019). The emerging importance of risk management and enterprise risk management strategies in the Indian hospitality industry. Worldwide Hospitality and Tourism Themes. Retrieved from