Successful Risk Management Implementation
MANILA, Philippines - Since the formal introduction of formal concepts on risk management in early 1990s, there have been a lot of developments in the theoretical and practical methods affecting the manner in which companies implement their internal risk management system. The term risk management evolved to the presently termed enterprise wide risk management (EWRM) or simply enterprise risk management (ERM). This is followed closely by the introduction of various risk management frameworks which defines how a company manages its risks.
A Risk Management Framework (RMF) is a top-level framework - a full cycle activity that allows a consistent and repeatable expertise-driven approach to risk management.
RMF is the heart of an entity's risk management system because it sets the context that defines how risks will be managed (how the risks will be identified, analyzed, controlled, reported, monitored and reviewed). The choice of a risk management framework therefore, should vary from company to company taking into consideration its objectives, management philosophy and any internal limitations However, the choice of a risk management framework has so far, been significantly affected by the development of so many risk management standards in the international community (from the Australian/New Zealand Standard in 1992, the Canadian Standard in 1994, the British Standard in 1998 and the American Standard in 2004 - COSO Framework).
Being the latest, the COSO Framework is now given more weight by some entities presumably because it is new. This does not mean however that the other standards have stagnated or did not change. Even the COSO integrated approach, while adopted only in 2004, already had new developments which were embodied under a new standard issued in 2009.
While there is no shortage of risk management standards and guidelines in the international community, the existence and continuous divergent growth of huge amounts of related information has resulted in an uncoordinated growth pattern and, as a result, the international community is lacking in a universal approach and terminology in the area of risk management that could be recognized as the one industry or international standard. To date, there is no end in sight and new developments and guidelines will continue to be introduced - perhaps the future will be more industry related or focused than general in nature. …