Risk Management Consulting Services - ERM

ERM is the process of coordinated risk management that places a greater emphasis on co-operation among departments to manage the organisation's range of risks as a whole. ERM offers a framework to effectively manage uncertainty, respond to risk and exploit opportunities as they arise. Enterprise Wide Risk Management is a framework comprising policies, processes, tools, reports and the right governance structure to help enterprises manage all material risks, the correlation between risks, linkages between strategy, risks and capital requirement.

CRIS' Enterprise Risk Management Framework encompasses the following elements:

Enterprise Wide Risk Management

Diagnostic Review
This stage primarily involves a diagnostic review of risk-management-related processes at the organisation, which forms the basis for the overall ERM implementation process. The diagnostic study includes:

  • Review of the risk management structure
  • Review of underlying policies and procedures for overall risk
  • Capital management, including risk appetite and tolerance review
  • Underlying risk infrastructure, such as risk measurement and reporting frameworks, would be assessed at this stage.
  • Risk Identification
    At this stage, a library of processes and sub-processes is defined. The underlying risk under each of the sub-processes is then identified. In addition, the loss data capture processes are reviewed and defined. The template for capturing loss events is also defined under this stage.

    Risk Assessment & Measurement
    At this stage, risks are assessed based on templates specifically designed according to the nature of risk. In case of risks that can be quantified, the measurement models are defined. Additionally, at this stage, the loss data captured is analysed to assess the likely impact on an organisation's capital.

    Risk Control & Mitigation
    At this stage, underlying controls vis-à-vis the risks are identified and assessed for effectiveness and comprehensiveness. Based on the risk and control assessment, a corrective action plan is defined. In addition, a limit management framework to mitigate the impact of risks is defined.

    Risk Monitoring & Reporting
    At this stage, the risk management monitoring and reporting templates are defined, which would be critical to ensure that there is no oversight by the board of directors and senior management. The related reporting frequency and workflow is also defined.

    Risk Based Decision Making
    The ultimate objective of the ERM process is to ensure that risk management is embedded into strategic decision making. Accordingly, a framework for risk-based pricing and a risk-based portfolio strategy is designed to ensure risk-based decision making.