SCOPE OF ERM
RISK QUOTE: When you arrive at a fork in the road, take it.
—YOGI BERRA, BASEBALL PLAYER
RISK QUOTE: The greatest glory in living lies not in never falling
but in rising every time we fall.
—NELSON MANDELA, SOUTH AFRICAN STATESMAN
Enterprise risk management (ERM) emerged in the late 1980s as an extension of hazard risk management. It argues that an organization should manage enterprise risks in a single, comprehensive program and coordinate ERM with hazard risk management, internal control processes, internal audit, and compliance.
Like modern risk management, ERM has existed for a sufficient period of time that we can refer to 1990 to 2006 as its traditional period. ERM raised issues about risk tolerance. How much risk are we willing to take? This goes beyond loss exposures into the arena of risk identification. What risks are we managing? ERM involved itself in risk assessment. Which risks are unbearable? Which are important? Which are unimportant?
It is difficult to deny the role and importance of enterprise risk management. The world changed dramatically after 9/11 and the corporate scandals that followed at Enron, WorldCom, and other major corporations. It became an organizational priority to identify and manage new exposures. ERM became a buzzword on the