Enterprise Risk Management (ERM) is a rigorous approach to assessing and addressing risks from all sources that threaten the achievement of an organization’s strategic objectives. ERM treats managing risk holistically and strategically.
In 2006, Washington state joined other private and public sector entities striving to implement ERM as a corporate or statewide practice. Initial efforts involved a maturity model assessment tool, which the Office of Risk Management (ORM) risk specialists used to help state agencies assess their risk management commitment and activities.
ORM is committed to assisting agencies understand and apply ERM through ongoing training, information and resources. Part of this educational process is made available through the the Risk Management Basics manual – this ORM manual defines ERM in detail. For more information call Jean Jelinek at 360-407-8158.
Risk can be created by any event or outcome that has the potential to interfere with an agency’s ability to achieve its mission on time.
Enterprise Risk Management (ERM) is the discipline and its associated processes of applying a risk evaluation to each agency goal, identifying root causes of these risks, determining—as an enterprise—what changes (i.e., risk treatments) are best to address the root causes, and then monitoring the success of the risk treatments. Treatments can include:
For example, insurance transfers the possible cost of risk to the insurance company. An early resolution program minimizes the cost of negligence by resolving claims before they become lawsuits. Changing a policy and procedure so that employees know what to do in certain situations can prevent negative outcomes. Abandoning an activity that had resulted in injury eliminates the risk posed by the activity.
When you have completed steps 1 through 6 you have started the ERM process.