Introduction Enterprise Risk Management (ERM) is on the rise designed to oversee the portfolio of risks facing an enterprise. This is especially after the recent corporate financial reporting scandals occurred frequently. Entity stakeholders are demanding greater oversight of key risks facing the enterprise to ensure that stakeholder value is preserved and enhanced (Walkeret al., 2002). As an effective response to risk management and a holistic approach that is different from the traditional risk management separately addressing risks, ERM should help companies to deal with risks and opportunities more effectively, enhancing the entity’s capacity to create and preserve value for its stakeholders (COSO, 2004). However, whether each part of COSO is performing effectively to the enterprise risk management or not and what can we do to improve the effectiveness, this paper aims to discuss about some major parts below. 1. Internal environment’s effect on ERM effectiveness environment’ The COSO introduces the Internal Environment to be the tone of an organization, influencing the risk consciousness of its people, and is the basis for all other components of enterprise risk management, providing discipline and structure (COSO, 2004). However, some organizations pay little attention to this since they regard it useless on improving ERM effectiveness. We seek to take a step in this direction to analysis some major parts in it:
1.1 Risk management philosophy
Under normal circumstances, the organization’s philosophy should be conveyed to
both internal employees and external stakeholders at first. It reflects the organization’s whole values, mission, beliefs and attitudes. To see different entities’ philosophies, we find them almost using the same content and style. In spite of this, the risk management philosophy still takes the tiller of ERM, helping to draw stakeholders’ attention and encourage the employees with everyday actions.
1.2 Risk appetite
Some researchers claim they find no evidence from their survey results that risk appetite improve ERM effectiveness (Paape and Spelké, 2012). However their survey data mostly rely on public sector and not-for-profit organizations (40.5%). This conclusion cannot stand for the companies and other entities. Risk appetite provides a boundary around the amount of risk an organization might pursue (Larry and Frank, 2012). When the entity board starts to set up its objective and consider the operating strategy, it should take its risk appetite into account. To be risk-loving, risk-neutral or risk-averse has big differences in strategy chosen. And it does really affect the goal setting and management decisions making. For example, a risk-averse entity will pay more attention to the uncertainty to avoid risks and it may need more rigorous event identification and risk assessment procedure. Thus, an accurate consideration about the risk appetite will help the entity to balance risks and opportunities to achieve the operation goals.
1.3 Integrity and...