Enterprise risk management (ERM) is an organization-wide approach to identifying, assessing, and managing risks that could impact an entity's ability to achieve its strategic objectives. ERM differs from traditional risk management by evaluating risk considerations across all business units and incorporating them into strategic planning and governance processes.
ERM addresses broad categories of risk, including operational, financial, compliance, strategic, and reputational risks. ERM frameworks emphasize establishing a risk appetite, implementing governance, and creating systematic processes for risk monitoring and reporting.
Enterprise risk management has been widely adopted across industries, particularly in highly regulated sectors such as financial services, healthcare, and energy. Implementation is often guided by established frameworks, notably the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Enterprise Risk Management Framework (updated in 2017) and the International Organization for Standardization's ISO 31000 risk management standard.