Al-QURAN - NED University

By: Mohammad Umair KhanzadaIM-27/ B.ESome form of Enterprise Risk Management (ERM)has always been practiced by managers, whenthey have tried to identify and manage this risksthat are faced by their organizations. Suchmanagement of risks is done through transfer ofrisks to insurers or reinsurers, and also throughplanning for contingencies and crisis. However, inrecent years, organizations have started toconsider risks in a more holistic, organization-widemanner, and to elevate risk management to asenior management responsibility.What is ERM?Enterprise Risk Management is defined as aprocess which is put in place: firstly, to identifypotential risks that can affect an organization; andsecondly, to manage this risk to ensure that theyremain within its risk appetite.The goal of the process is to have reasonableassurance that the organization’s objectives canbe achieved. The process should be applied bothin strategy setting and cross the enterprise.The following are some of the trends which areleading to an evolution in ERM practice:New and more complicated risks are emerging,such as foreign exchange risk, due to growingglobalization, advances in technology andincreasing sophistication in financial markets.Recent high profile cases, such as Barings Bankand Enron, are motivating rating agencies,regulators and lenders to insist that seniormanagement take more responsibility formanaging risks on an enterprise-wide scale.Developments in financial and managementtheory are a leading to an increasing awareness ofthe interactions of many risks, and the realizationthat such risks must be managed with the totalorganization in view.Advances in research and computing power havemade quantification of risks easier, and enabledorganizations to more easily analyze “what if”scenarios.Organizations are increasingly recognizing thatrisks can also be a source of opportunity, and thatcertain risks can be kept and actively pursuedbecause of confidence in the management’sability to exploit such risks.BENEFITS:Applying the ERM process will result in thefollowing benefits for an organization:The organization’s risk appetite is explicitlyconsidered when business strategies andcorporate objectives are analyzed.The organization is better able to identify andselect the best response for a risk – whether toavoid, reduce, share or accept.The organization gains enhanced capability toidentify potential events and establish responses.This will reduce “surprises” and associated costsor losses.The organization is able to develop integrated andeffective responses to inter-related risks whichaffect different parts of the organization.By considering the full range of potential events,the organization is better able to identify andseize opportunities.The organization is more effectively able to assessthe overall capital needs and enhance capitalallocation cross the business.In summary, “enterprise risk management helpsan entity to get to where it wants to go and avoidpitfalls and surprises along the way”.PROCESS STEPS:A summary of the steps which are taken by anorganization to implement an enterprise riskmanagement process are described below:Establish Context – This step includes defining therelationship of the enterprise with itsenvironment, including identification of theenterprise’s strengths, weaknesses, opportunities,and threats (“SWOT Analysis”); gaining anunderstanding of the overall objectives, strategiesand key performance indicators of the21