Enterprise Risk Management (ERM) is the process by which organizations identify and manage a broad portfolio of significant risks in an integrated way. ERM is foundational for organizations of all sizes to ensure that they are prepared to the extent possible to mitigate and/or capitalize, as appropriate, on risks to their organizational strategy. In the fall of 2020 through the Spring of 2021, APQC partnered with Dr. Paul Walker (Schiro/Zurich Chair in Enterprise Risk Management at St. John’s University) to carry out the Evolving Practices in Enterprise Risk Management study. The purpose of the study was to understand current practices and tools for ERM and how these practices are evolving in light of the COVID-19 pandemic.
This white paper summarizes the results of the study and provides guidance about:
- how leading organizations set up governance and reporting structures for ERM;
- common ERM processes and practices; and
- ERM benefits, measures, and results.