Description

Book Synopsis
A practical, real-world guide for implementing enterprise risk management (ERM) programs into your organization. Enterprise risk management (ERM) is a complex yet critical issue that all companies must deal with in the twenty-first century. Failure to properly manage risk continues to plague corporations around the world.

Table of Contents

Preface

Acknowledgments

Part One ERM in Context

Chapter 1 Fundamental Concepts and Current State

Introduction

What Is Risk?

What Does Risk Look Like?

Enterprise Risk Management (ERM)

The Case for ERM

Where ERM Is Now

Where ERM Is Headed

Notes

Chapter 2 Key Trends and Developments

Introduction

Lessons Learned from the Financial Crisis

The Wheel of Misfortune Revisited

Global Adoption

Notes

Chapter 3 Performance-Based Continuous ERM

Introduction

Phase Three: Creating Shareholder Value

Performance-Based Continuous ERM

Case Study: Legacy Technology

Notes

Chapter 4 Stakeholder Requirements

Introduction

Stakeholders Defined

Managing Stakeholder Value with ERM

Implementing a Stakeholder Management Program

Appendix A: Reputational Risk Policy

Notes

Part Two Implementing an ERM Program

Chapter 5 The ERM Project

Introduction

Barriers to Change

Establish the Vision

Obtain Buy-In from Internal Stakeholders

Assess Current Capabilities against Best Practices

Develop a Roadmap

Appendix A: ERM Maturity Model

Appendix B: Practical Plan for ERM Program Implementation

Chapter 6 Risk Culture

Introduction

Risk Culture Success Factors

Best Practice: Risk Escalation

Conclusion

Notes

Chapter 7 The ERM Framework

Introduction

The Need for an ERM Framework

ERM Framework Criteria

Current ERM Frameworks

An Update: The Continuous ERM Model

Developing a Framework

Conclusion

Notes

Part Three Governance Structure and Policies

Chapter 8 The Three Lines of Defense

Introduction

COSO’s Three Lines of Defense

Problems with This Structure

The Three Lines of Defense Revisited

Bringing It All Together: How the Three Lines Work in Concert

Conclusion

Notes

Chapter 9 Role of the Board

Introduction

Regulatory Requirements

Current Board Practices

Case Study: Satyam

Three Levers for ERM Oversight

Conclusion

Notes

Chapter 10 The View from the Risk Chair

Introduction

Turnaround Story

The GPA Model in Action

Top Priorities for the Risk Oversight Committee

Conclusion

Notes

Chapter 11 Rise of the CRO

Introduction

History and Rise of the CRO

A CRO’s Career Path

The CRO’s Role

Hiring a CRO

A CRO’s Progress

Chief Risk Officer Profiles

Notes

Chapter 12 Risk Appetite Statement

Introduction

Requirements of a Risk Appetite Statement

Developing a Risk Appetite Statement

Roles and Responsibilities

Monitoring and Reporting

Examples of Risk Appetite Statements and Metrics

Notes

Part Four Risk Assessment and Quantification

Chapter 13 Risk Control Self-Assessments

Introduction

Risk Assessment: An Overview

RCSA Methodology

Phase 1: Setting the Foundation

Phase 2: Risk Identification, Assessment, and Prioritization

Phase 3: Deep Dives, Risk Quantification, and Management

Phase 4: Business and ERM Integration

ERM and Internal Audit Collaboration

Notes

Chapter 14 Risk Quantification Models

Introduction

Market Risk Models

Credit Risk Models

Operational Risk Models

Model Risk Management

The Loss/Event Database

Early Warning Indicators

Model Risk Case Study: AIG

Notes

Part Five Risk Management

Chapter 15 Strategic Risk Management

Introduction

The Importance of Strategic Risk

Measuring Strategic Risk

Managing Strategic Risk

Appendix A: Strategic Risk Models

Notes

Chapter 16 Risk-Based Performance Management

Introduction

Performance Management and Risk

Performance Management and Capital

Performance Management and Value Creation

Summary

Notes

Part Six Risk Monitoring and Reporting

Chapter 17 Integration of KPIs and KRIs

Introduction

What Is an Indicator?

Using Key Performance Indicators

Building Key Risk Indicators

KPI and KRI Program Implementation

Best Practices

Conclusion

Notes

Chapter 18 ERM Dashboard Reporting

Introduction

Traditional Risk Reporting vs. ERM Dashboard Reporting

General Dashboard Requirements

Implementing ERM Dashboards

Avoid Common Mistakes

Best Practices

Notes

Chapter 19 Feedback Loops

Introduction

What Is a Feedback Loop?

Examples of Feedback Loops

ERM Performance Feedback Loop

Measuring Success with the ERM Scorecard

Notes

Part Seven Other ERM Resources

Chapter 20 Additional ERM Templates and Outlines

Introduction

Strategic Risk Assessment

CRO Report to the Risk Committee

Cybersecurity Risk Appetite and Metrics

Model Risk Policy

Risk Escalation Policy

Notes

About the Author

Index

Implementing Enterprise Risk Management


A Hardback by James Lam


    Publisher: John Wiley & Sons Inc
    Publication Date: 12/05/2017
    ISBN13: 9780471745198, 978-0471745198
    ISBN10: 0471745197
