Enterprise Risk Management (ERM) is the approach that manages the full spectrum of risks and their combined impact as an interrelated risk profile to the organization. ERM enables an organization to consider the potential impact of all types of risks on all processes, activities, stakeholders, products and services1. ERM helps an organization to align its strategy, processes, technology, and knowledge with the purpose of evaluating and managing the uncertainties it faces2. ERM is a holistic and integrated approach that covers strategic, operational, financial, and compliance risks, as well as opportunities3. References:
ISO 31000:2018, clause 3.1
ISO 22301 Auditing eBook, page 11
Enterprise Risk Management - Integrating with Strategy and Performance, page 4
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit