Enterprise risk management (ERM) in business includes the methods and processes used by organisations to manage risks and seize opportunities related to the achievement of their objectives.
Enterprise risk management needs to be conducted within the framework of a complete risk management system consisting of:
- a policy statement approved by the board of directors
- a risk management manual
- a risk management tool
EP personnel have the qualifications and experience to assist your in all of the above areas of risk management.
Our purpose-built software, EPRisk covers the entire life of risks including:
Identify risk;
Assess the risk (using a three stage process);
Assign mitigation actions;
Monitor mitigation actions;
Identify recovery or contingency measures;
Re-assessment;
Close-out.
We have also developed a modified opportunity/risk matrix in which risks are shown negatively below the X axis, while opportunities are shown positively above the X axis.
EPEn personnel are multi-disciplinary and have diverse backgrounds, which gives great depth and breadth to our risk assessment capability. In addition to facilitating risk management workshops, other specialist risk assessments include:
Cost Risk assessment;
Schedule Risk assessment;
Decision Risk Assessment using Event Tree Analysis.
Typical categories of risk that might impact an organisation include:
- Strategic
- Financial
- Commercial
- Operational
- Organisational
- Political
- Legal
- Technical
Assessment of risks needs to be undertaken, bearing in mind the risk appetite of the organisation. Companies preferring to be seen as 'rock solid' may be very much risk averse, whereas others are more prepared to take risks to maximise returns for the stakeholders.
EP’s experienced personnel will help your organisation identify its top risks and determine its overall risk exposure. Based on projections of the scope for improvement and effectiveness of the mitigation actions, a forecast of the risk reduction profile can then be made.