Enterprise Risk Management
In the 21st century, news of corporate scandals involving corruption spread widely, not only across the country but across the globe. Accounting firms, investors, lenders, corporate managers and innocent bystanders were all embroiled in the chaos, and the extent of the corporate malfeasance was indeterminable. The collateral damage inflicted by scandals involving corporations such as Enron, Arthur Andersen LLP, WorldCom and Adelphia Communications was shocking. The occurrence of such business and audit failures left people asking: how did such situations occur, and what could have been done to prevent them? This is where Enterprise Risk Management (ERM) comes into effect. The discussion below shows how the need for ERM arises, what functions ERM serves, the process it goes through, who participates, their roles and the advantages of having ERM in place. The focus is on how to identify, measure, and respond to risk, as well as on the role of the board of directors, management and employees in risk management.
Enterprise Risk Management
Risk is where it all begins. Events may have a positive or negative effect on a company and its strategy. If the events can be foreseen, the company has the opportunity to reduce any negative impacts and in turn reduce risk, or it can amplify the success of a positive event, which would in turn present opportunities (COSO, 2004). Risk can be defined as the probability of a known loss. ERM deals with risks and opportunities affecting value creation or preservation. Enterprise risk management, as defined by COSO, is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives (2004). If the negative event were to occur, mitigation through ERM would allow the company to maintain its objectives. The level of negative impact that a company can absorb and still meet its objectives and/or continue to exist is defined as risk appetite. The negative impacts that are important to avoid are the unforeseeable ones. The most elusive characteristic of risk is that it is never definite, and as a result, the planning and measures put in place pay off only if the event occurs; otherwise they may amount to a waste of valuable resources.
For example, Jones Construction Company, with 200 employees, requires its employees to wear hard hats provided by the company while on-site. When Jones purchased the hats, it did not accept the cheapest bid because that bid’s plastic was brittle and weak and the hats did not provide enough padding. The company spent over $20,000 on its initial purchase of quality hats and now replaces the hats annually. Even though no one may ever be hurt by falling objects, the company is still committed to purchasing and replacing the hats.
That is an easy cost to bear compared with other situations. What if a falling object were to injure two employees because the cheaper hats failed to protect them properly? Jones may have to pay a lot more in medical bills and workman’s compensation. Additionally, if the hats were not replaced due to neglect, the employees may file a lawsuit, costing the company even more money in attorney’s fees and court-ordered damages. In this case, spending the $20,000 on quality hats and replacing them annually is a better alternative than the excessive losses the company would possibly have to absorb. In order to prevent these losses, effective preparation is necessary.
Identifying Risks
In order to identify situations in which risk avoidance is possible, it is important to have ERM in place. ERM has the potential to provide many benefits to a corporation that...