ERM Conceptual Frameworks
A variety of thought-leadership organizations have developed conceptual frameworks that outline the critical elements of any enterprise risk management (ERM) approach to risk oversight. While each is unique in its approach, the essential elements of an ERM are provided across all the frameworks. As most organizations embrace ERM they are encouraged to consider these best practices documents as they build their critical ERM processes to ensure all necessary elements are included. Below are summaries and links to the most widely cited ERM frameworks from around the world.
COSO's "Enterprise Risk Management - Integrated Framework"
The Australian/New Zealand Risk Standard
South Africa's King Report on Corporate Governance, 2002
Casualty Actuarial Society's Overview of Enterprise Risk Management
COSO's "Enterprise Risk Management - Integrated Framework"
"This Enterprise Risk Management – Integrated Framework expands on internal control,
providing a more robust and extensive focus on the broader subject of enterprise risk
management. While it is not intended to and does not replace the internal control framework,
but rather incorporates the internal control framework within it, companies may decide to
look to this enterprise risk management framework both to satisfy their internal control needs
and to move toward a fuller risk management process. Among the most critical challenges for managements is determining how much risk the entity is prepared to and does accept as it strives to create value. This report will better enable them to meet this challenge."
Download COSO's " Enterprise Risk Managment - Integrated Framework" [pdf]
To order the full document visit www.coso.org
The Australian/New Zealand Risk Standard
"This Standard provides a generic guide for managing risk. This Standard may be applied to a very wide range of activities, decisions or operations of any public, private or community enterprise, group or individual. While the Standard has very broad applicability, risk management processes are commonly applied by organizations or groups and so, for convenience, the term 'organization' has been used throughout this Standard."
Link to Australian Standard 4360 Risk management portal to purchase
Turnbull Report
United Kingdom's Turnbull Report Financial Reporting Council Internal Control Revised Guidance for Directors on the Combined Code, October 2005.
"Internal Control: Guidance for Directors on the Combined Code (The Turnbull guidance) was first issued in 1999. In 2004, the Financial Reporting Council established the Turnbull Review Group to consider the impact of the guidance and the related disclosures and to determine whether the guidance needed to be updated.
Download document [pdf]
South Africa's King Report on Corporate Governance, 2002
In 1994 the King Report on Corporate Governance (King I) was published by the King Committee on Corporate Governance, headed by former High Court judge, Mervyn King S.C. King I, incorporating a Code of Corporate Practices and Conduct, was the first of its kind in the country and was aimed at promoting the
highest standards of corporate governance in South Africa.Although groundbreaking at the time, the evolving
global economic environment together with recent legislative developments,have necessitated that King I be updated. To this end, the King Committee on Corporate Governance developed the King Report on Corporate Governance for South Africa, 2002 (King II).
King II acknowledges that there is a move away from the single bottom line (that is, profit for shareholders) to a triple bottom line, which embraces the economic, environmental and social aspects of a company’s activities.
Download document [pdf]
Standard & Poor's Enterprise Risk Management for Financial Institutions: Rating Criteria and Best Practices
Standard & Poor’s Ratings Services presents Enterprise Risk
Management For Financial Institutions: Rating Criteria And Best Practices.
This guide presents the latest ratings criteria for assessing the trading
risk management practices of financial institutions, as well as a broad
look at current best practices within financial institutions with respect to
Enterprise Risk Management.
Download document [pdf]
Casualty Actuarial Society's Overview of Enterprise Risk Management
"This document is intended primarily to further the risk managment education of candidates for membership in the Casualty Actuarial Society (CAS). Current members of the CAS as well as other risk management professional should also find this material of interest."
Download document [pdf]
Basel II: International Convergence of Capital Measurement and Capital Standards: A Revised Framework
"This report presents the outcome of the Basel Committee on Banking Supervision’s (“the Committee”) work over recent years to secure international convergence on revisions to supervisory regulations governing the capital adequacy of internationally active banks. Following the publication of the Committee’s first round of proposals for revising the capital adequacy framework in June 1999, an extensive consultative process was set in train in all member countries and the proposals were also circulated to supervisory authorities worldwide."
Link to download document