What is Enterprise Risk Management?
Enterprise risk management is the process whereby an organization optimizes the manner in which it takes risks. All organizations accumulate resources and invest them in uncertain activities. Successful organizations take risks that are necessary for their goals, while avoiding other risks. Accordingly, enterprise risk management is not about seeking or avoiding risk, it is about optimizing risk. Why is it important? In recent years, numerous organizations have suffered staggering losses for having taken high financial risks; Enron is only the last of a long series. The situations present two common characteristics: the problem was directly caused by the actions of a single individual or a team; it could easily have been prevented through appropriate supervision. Today, an individual can pick up a phone and place billions of dollars in notional capital at risk. The risk does not only come from derivative instruments. It arises from the many sources of leverage that are available today.
