762 resultados para Enterprise risk management
Resumo:
Purpose The paper examines the impact of internal auditors’ involvement in Enterprise Risk Management (ERM) on perceptions of their willingness to report a breakdown in risk procedures and whether a strong relationship with the audit committee affects such willingness to report. The study also investigates the use of ERM and the role of internal audit in ERM in Australian private and public sector entities. Design/methodology/approach The study uses an experimental design, manipulating (i) the internal auditor’s involvement in ERM and (ii) the strength of the relationship between internal audit and the audit committee. Participants are 117 certified internal auditors. The study also gathers descriptive data on the use of ERM. Findings The study indicates that a high involvement in ERM impacts the perceptions of internal auditors’ willingness to report a breakdown in risk procedures to the audit committee. However, a strong relationship with the audit committee does not appear to affect their perceived willingness to report. The study also finds that the majority of organisations have recently adopted ERM. Internal auditors are involved in ERM assurance activities but some also engage in activities that could compromise objectivity.
Resumo:
Enterprise Risk Management (ERM) is the discipline by which enterprises monitor, analyze, and control risks from across the enterprise, with the goal of identifying underlying correlations and thus optimizing the risk-taking behavior in a portfolio context. This study analyzes the valuation implications of ERM Maturity. We use data from the industry leading Risk and Insurance Management Society Risk Maturity Model over the period from 2006 to 2011, which scores firms on a five-point maturity scale. Our results suggest that firms that have reached mature levels of ERM are exhibiting a higher firm value, as measured by Tobin's Q. We find a statistically significant positive relation to the magnitude of 25 percent. Upon decomposition of the maturity score, we find that the most important aspects of ERM from a valuation perspective relate to the level of top–down executive engagement and the resultant cascade of ERM culture throughout the firm. Firms that have successfully integrated the ERM process into both their strategic activities and everyday practices display superior ability in uncovering risk dependencies and correlations across the entire enterprise and as a consequence enhanced value when undertaking the ERM maturity journey ceteris paribus.
Resumo:
Dissertação de Mestrado apresentado ao Instituto de Contabilidade e Administração do Porto para a obtenção do grau de Mestre em Auditoria, sob orientação do Mestre Fernando Teixeira Pinto
Resumo:
Enterprise Risk Management (ERM) is gaining relevance among financial and non-financial companies but its benefits still are uncertain. This paper aims at investigating the relationship between ERM adoption and firm performance based on a sample of 1130 non-financial companies belonging to the STOXX® index. A content analysis of individual accounts is performed to distinguish adopters, and a regression analysis explores the effect of ERM adoption on firm performance, proxied by Tobin’s Q. The findings suggest that there is a statistical significant positive effect of ERM adoption on firm performance, meaning that firms are benefiting from the implementation of this process.
Resumo:
Risk and knowledge are two concepts and components of business management which have so far been studied almost independently. This is especially true where risk management (RM) is conceived mainly in financial terms, as for example, in the financial institutions sector. Financial institutions are affected by internal and external changes with the consequent accommodation to new business models, new regulations and new global competition that includes new big players. These changes induce financial institutions to develop different methodologies for managing risk, such as the enterprise risk management (ERM) approach, in order to adopt a holistic view of risk management and, consequently, to deal with different types of risk, levels of risk appetite, and policies in risk management. However, the methodologies for analysing risk do not explicitly include knowledge management (KM). This research examines the potential relationships between KM and two RM concepts: perceived quality of risk control and perceived value of ERM. To fulfill the objective of identifying how KM concepts can have a positive influence on some RM concepts, a literature review of KM and its processes and RM and its processes was performed. From this literature review eight hypotheses were analysed using a classification into people, process and technology variables. The data for this research was gathered from a survey applied to risk management employees in financial institutions and 121 answers were analysed. The analysis of the data was based on multivariate techniques, more specifically stepwise regression analysis. The results showed that the perceived quality of risk control is significantly associated with the variables: perceived quality of risk knowledge sharing, perceived quality of communication among people, web channel functionality, and risk management information system functionality. However, the relationships of the KM variables to the perceived value of ERM are not identified because of the low performance of the models describing these relationships. The analysis reveals important insights into the potential KM support to RM such as: the better adoption of KM people and technology actions, the better the perceived quality of risk control. Equally, the results suggest that the quality of risk control and the benefits of ERM follow different patterns given that there is no correlation between both concepts and the distinct influence of the KM variables in each concept. The ERM scenario is different from that of risk control because ERM, as an answer to RM failures and adaptation to new regulation in financial institutions, has led organizations to adopt new processes, technologies, and governance models. Thus, the search for factors influencing the perceived value of ERM implementation needs additional analysis because what is improved in RM processes individually is not having the same effect on the perceived value of ERM. Based on these model results and the literature review the basis of the ERKMAS (Enterprise Risk Knowledge Management System) is presented.
Resumo:
This paper starts from the viewpoint that enterprise risk management is a specific application of knowledge in order to control deviations from strategic objectives, shareholders’ values and stakeholders’ relationships. This study is looking for insights into how the application of knowledge management processes can improve the implementation of enterprise risk management. This article presents the preliminary results of a survey on this topic carried out in the financial services sector, extending a previous pilot study that was in retail banking only. Five hypotheses about the relationship of knowledge management variables to the perceived value of ERM implementation were considered. The survey results show that the two people-related variables, perceived quality of communication among groups and perceived quality of knowledge sharing were positively associated with the perceived value of ERM implementation. However, the results did not support a positive association for the three variables more related to technology, namely network capacity for connecting people (which was marginally significant), risk management information system functionality and perceived integration of the information systems. Perceived quality of communication among groups appeared to be clearly the most significant of these five factors in affecting the perceived value of ERM implementation.
Resumo:
Risk management and knowledge management have so far been studied almost independently. The evolution of risk management to the holistic view of Enterprise Risk Management requires the destruction of barriers between organizational silos and the exchange and application of knowledge from different risk management areas. However, knowledge management has received little or no attention in risk management. This paper examines possible relationships between knowledge management constructs related to knowledge sharing, and two risk management concepts: perceived quality of risk control and perceived value of enterprise risk management. From a literature review, relationships with eight knowledge management variables covering people, process and technology aspects were hypothesised. A survey was administered to risk management employees in financial institutions. The results showed that the perceived quality of risk control is significantly associated with four knowledge management variables: perceived quality of risk knowledge sharing, perceived quality of communication among people, web channel functionality, and risk management information system functionality. However, the relationships of the knowledge management variables to the perceived value of enterprise risk management are not significant. We conclude that better knowledge management is associated with better risk control, but that more effort needs to be made to break down organizational silos in order to support true Enterprise Risk Management.
Resumo:
Risk management and knowledge management have so far been studied almost independently. The evolution of risk management to the holistic view of Enterprise Risk Management requires the destruction of barriers between organizational silos and the exchange and application of knowledge from different risk management areas. However, knowledge management has received little or no attention in risk management. This paper examines possible relationships between knowledge management constructs related to knowledge sharing, and two risk management concepts: perceived quality of risk control and perceived value of enterprise risk management. From a literature review, relationships with eight knowledge management variables covering people, process and technology aspects were hypothesised. A survey was administered to risk management employees in financial institutions. The results showed that the perceived quality of risk control is significantly associated with four knowledge management variables: perceived quality of risk knowledge sharing, perceived quality of communication among people, web channel functionality, and risk management information system functionality. However, the relationships of the knowledge management variables to the perceived value of enterprise risk management are not significant. We conclude that better knowledge management is associated with better risk control, but that more effort needs to be made to break down organizational silos in order to support true Enterprise Risk Management.
Resumo:
This article takes the perspective that risk knowledge and the activities related to RM practice can benefit from the implementation of KM processes and systems, to produce a better enterprise wide implementation of risk management. Both in the information systems discipline and elsewhere, there has been a trend towards greater integration and consolidation in the management of organizations. Some examples of this are: Enterprise Resource Planning (Stevens, 2003), Enterprise Architecture (Zachmann, 1996) and Enterprise Content Management (Smith & McKeen, 2003). Similarly, risk management is evolving into Enterprise Risk Management. KM’s importance in breaking down silos within an organization can help it to do so.
Resumo:
In any organization, risk plays a huge role in the success or failure of any business endeavour. Measuring and managing risk is a difficult and often complicated task and the global financial crisis of the late noughties can be traced to a worldwide deficiency in risk management regimes. One of the problems in understanding how best to manage risk is a lack of detailed examples of real world practice. In this accessible textbook the author sets the world of risk management in the context of the broader corporate governance agenda, as well as explaining the core elements of a risk management system. Material on the differences between risk management and internal auditing is supplemented by a section on the professionalization of risk – a relatively contemporary evolution. Enterprise risk management is also fully covered. With a detailed array of risk management cases – including Tesco, RBS and the UK government – lecturers will find this a uniquely well researched resource, supplemented by materials that enable the cases to be easily integrated into the classroom. Risk managers will be delighted with the case materials made available for the first time with the publication of this book.
Resumo:
Definitions and perceptions of the role and styles of risk management, and performance management/strategic control systems have evolved over time, but it can be argued that risk management is primarily concerned with ensuring the achievement of strategic objectives. This paper shows the extent of overlap between a broad-based view of risk management, namely Enterprise Risk Management (ERM), and the balanced scorecard, which is a widely used strategic control system. A case study of one of the UK's largest retailers, Tesco plc, is used to show how ERM can be introduced as part of an existing strategic control system. The case demonstrates that, despite some differences in lines of communications, the strategic controls and risk controls can be used to achieve a common objective. Adoption of such an integrated approach, however, has implications for the profile of risk and the overall risk culture within an organisation.
Resumo:
This article argues that, post Enron, governance reforms around the world have served to raise the profile of risk management, and emphasise the need for a corporate wide approach to internal control that is overseen by the Board of Directors. In the US, this is most clearly demonstrated by the emergence of Enterprise Risk Management (ERM), defined as 'a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.' (COSO, 2004, p.2). In practical terms, however, the introduction of an enterprise wide holistic risk management system poses a big challenge to all but the smallest of organisations. The financial crisis has clearly shown that enterprise wide risk management remains a dream rather than a reality for even the world's largest and once highly respected companies.