Friday, January 09, 2009

The Risk Management Cycle

As indicated in yesterday's post, there is considerable depth of resources relating to risk management at the Global Association of Risk Professionals website. An item I would recommend for an overview of what is involved in establishing integrated risk management is an eighteen-slide presentation (pdf) by Scott Kwarta, Director of Advisory Services at OpenPages, Inc., that he gave at GARP's 2007 convention.

Kwarta adopts the definition of enterprise risk management (pdf) that was published by the Committee of Sponsoring Organizations of the Treadway Commission in 2004:
Enterprise risk management is a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.
The key graphic from the presentation, reproduced below, shows the risk management cycle.

Once you have the phases of the cycle set in your mind, the details of Kwarta's presentation are easier to comprehend and absorb.