The Casualty Actuarial Society defines Enterprise Risk Management (ERM) as "the process by which organizations in all industries assess, control, exploit, finance, and monitor risks from all sources for the purpose of increasing the organization’s short and long term value to its shareholders". This seems to be as useful a definition as any. ERM is essentially a risk management perspective on management.
ERM is very fashionable as a management technique at the moment. It provides a framework based on analysing risks and opportunities, with an ultimate objective of creating value for the shareholders. It is sometime linked with Total Quality Management.
Note that ERM is not entirely consistent with the FSA’s view of risk. The FSA wants the firms that it regulates to have good processes in place to handle the risks to its (ie, the FSA’s) statutory objectives. ERM concentrates on risks to shareholder value.
The following external links are relevant:
- Report on Enterprise Risk Management
- Mastering Risk Volume 1: Concepts
- CP190: Enhanced capital requirements and individual capital assessments for non-life insurers
- CP195: Enhanced capital requirements and individual capital assessments for life insurers
- Quantifying operational risk in general insurance companies
- PS04/16: Integrated Prudential sourcebook for insurers