A Report on Enterprise Risk Management (ERM) at Etisalat Group
VerifiedAdded on 2023/06/11
|17
|4609
|118
Report
AI Summary
This report investigates the Enterprise Risk Management (ERM) approach of Etisalat Group, exploring its importance in achieving strategic objectives. It reviews the state-of-the-art in ERM, introduces Etisalat's core business activities, financial performance, and corporate view of risk management. The report discusses how organizations link strategy, business activities, financial performance, and risk management into a coherent framework. It also suggests risks and possible responses at each organizational level, evaluates the use of the COSO framework, and addresses difficulties in collating risk intelligence. The report concludes with recommendations for improving project-level risk management activities to enhance ERM capability within Etisalat.
Running Head: RISK MANAGEMENT 1
Enterprise Risk Management in Etisalat
Enterprise Risk Management in Etisalat
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
2
Table of Contents
Introduction...........................................................................................................................................3
Review of the state-of-the-art in Enterprise Risk Management.............................................................3
Introduction to the company, organization or business unit you have chosen to study. This should also
include a narrative on strategy, core business activities, recent financial performance and corporate
view of risk management.......................................................................................................................5
A narrative on how organisations link strategy, core business activities, financial performance and risk
management into a coherent dynamic framework.................................................................................7
Depending on the nature of the organisation, there are a number of factors that should be considered
when designing and planning an ERM initiative. Details of the risk architecture, strategy and
protocols should be recorded in a risk management policy for the organisation....................................8
Suggest risks and possible responses at each level of the organisation..................................................9
Evaluate how the COSO framework can be used to add value to organisational enterprise risk
management.........................................................................................................................................11
A narrative on the difficulties associated with collating and acting upon risk intelligence as a means
for value creation in organisations.......................................................................................................12
Recommendations for improvement to existing project level risk management activities in project
portfolio management to enhance ERM capability..............................................................................13
References...........................................................................................................................................14
Table of Contents
Introduction...........................................................................................................................................3
Review of the state-of-the-art in Enterprise Risk Management.............................................................3
Introduction to the company, organization or business unit you have chosen to study. This should also
include a narrative on strategy, core business activities, recent financial performance and corporate
view of risk management.......................................................................................................................5
A narrative on how organisations link strategy, core business activities, financial performance and risk
management into a coherent dynamic framework.................................................................................7
Depending on the nature of the organisation, there are a number of factors that should be considered
when designing and planning an ERM initiative. Details of the risk architecture, strategy and
protocols should be recorded in a risk management policy for the organisation....................................8
Suggest risks and possible responses at each level of the organisation..................................................9
Evaluate how the COSO framework can be used to add value to organisational enterprise risk
management.........................................................................................................................................11
A narrative on the difficulties associated with collating and acting upon risk intelligence as a means
for value creation in organisations.......................................................................................................12
Recommendations for improvement to existing project level risk management activities in project
portfolio management to enhance ERM capability..............................................................................13
References...........................................................................................................................................14
3
Introduction
The Etisalat Group explores the proactive risk management and its importance in
attaining the strategic objectives. In the internal control function of the group, the Enterprise
Risk Management (ERM) process, it makes sure that the main risk is explored, assessed as
well as managed around the Etisalat Group of companies. ERM framework of Etisalat offers
the right assurance that significant risks are studied and examined (Wu & Olson, 2015).
The Etisalat group hires the robust system of ERM that includes three defence lines
environment of internal control. In the day to day risk management, the first defence line
goes around the OpCos. This is highly governed by the previous procedures and policies, and
it also covers up regular perspective on explored risk as well as ongoing risk mitigation
management activities (Olson & Wu, 2010). The next defence line includes the corporate
functions that continue their accountability for monitoring and oversight of risks. Deducted
tasks like Finance (Revenue assurance and fraud management), legal, regulatory affairs, and
internal control (compliance and ERM) includes different activities to reduce and manage the
massive range of risks. Along with this, capabilities of agreement in the functions of internal
control are set up or emphasizing over the legal compliance issues like corruption and anti-
bribery.
The last line of defence offers the personal assurance about the company’s internal
control environment through conducting an internal audit, along with other functions of
reliability that are outlined in second defence line (Choi, Ye, Zhao & Luo, 2015). Both the
internal audit and internal control functions continue to move independently from the report
functionally and executive management to Etisalat Group Audit committee that is authorized
by the board of directors, to supervise the area.
Introduction
The Etisalat Group explores the proactive risk management and its importance in
attaining the strategic objectives. In the internal control function of the group, the Enterprise
Risk Management (ERM) process, it makes sure that the main risk is explored, assessed as
well as managed around the Etisalat Group of companies. ERM framework of Etisalat offers
the right assurance that significant risks are studied and examined (Wu & Olson, 2015).
The Etisalat group hires the robust system of ERM that includes three defence lines
environment of internal control. In the day to day risk management, the first defence line
goes around the OpCos. This is highly governed by the previous procedures and policies, and
it also covers up regular perspective on explored risk as well as ongoing risk mitigation
management activities (Olson & Wu, 2010). The next defence line includes the corporate
functions that continue their accountability for monitoring and oversight of risks. Deducted
tasks like Finance (Revenue assurance and fraud management), legal, regulatory affairs, and
internal control (compliance and ERM) includes different activities to reduce and manage the
massive range of risks. Along with this, capabilities of agreement in the functions of internal
control are set up or emphasizing over the legal compliance issues like corruption and anti-
bribery.
The last line of defence offers the personal assurance about the company’s internal
control environment through conducting an internal audit, along with other functions of
reliability that are outlined in second defence line (Choi, Ye, Zhao & Luo, 2015). Both the
internal audit and internal control functions continue to move independently from the report
functionally and executive management to Etisalat Group Audit committee that is authorized
by the board of directors, to supervise the area.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
4
Review of the state-of-the-art in Enterprise Risk Management
Enterprise risk management (ERM) holds the holistic approach towards the company
risk. A holistic approach is considered as the risk in the context of the group, gathered
components of risks or either the combination of risks for viewing the individual issue. While
analysing the enterprise risk management through the perspective of practitioners, who can
apply as well as practice any concepts related to management in the actual business world. In
the case of enterprise risk, one is a Casual actuarial society (CAS), as per CAS committee,
ERM is explained as a discipline through which companies in assessing the industry,
exploits, controls, monitors, and finance from every source, with an aim to enhance the
companies both short and long-term stakeholders value (Sun, Apley & Staum, 2011). To
undertake the detailed analysis of enterprise risk management in the context of this study, it is
essential to have an understanding of the critical viewpoints of risk management from
practitioner’s perspective.
The perception of the practitioners provides an ability to analyse the actual time
involved in organization risk management and differentiation in risk management in context
of practical and conceptual application. Therefore, this literature includes the few views of
practitioners over risk management. ERP is the new term that has come up as an ultimate
approach towards managing risk (Ansaripoor, Oliveira & Liret, 2014). This strategy has also
proved by the adequate performance, and the same make the company move from traditional
risk management towards ERP. The other definition of ERM for practitioners is that, it’s a
process through which companies methodically examine the risk related with activities. This
is usually known as enterprise risk management, and its aim is to increase the highest value in
these activities. As per Ho, Wu & Olson (2009), enterprise risk assists in managing the
complete organization activities in an aggregate way, which is different from the traditional
risk problems individually. Besides this, ERM emphasizes risk and mention it as a potential
Review of the state-of-the-art in Enterprise Risk Management
Enterprise risk management (ERM) holds the holistic approach towards the company
risk. A holistic approach is considered as the risk in the context of the group, gathered
components of risks or either the combination of risks for viewing the individual issue. While
analysing the enterprise risk management through the perspective of practitioners, who can
apply as well as practice any concepts related to management in the actual business world. In
the case of enterprise risk, one is a Casual actuarial society (CAS), as per CAS committee,
ERM is explained as a discipline through which companies in assessing the industry,
exploits, controls, monitors, and finance from every source, with an aim to enhance the
companies both short and long-term stakeholders value (Sun, Apley & Staum, 2011). To
undertake the detailed analysis of enterprise risk management in the context of this study, it is
essential to have an understanding of the critical viewpoints of risk management from
practitioner’s perspective.
The perception of the practitioners provides an ability to analyse the actual time
involved in organization risk management and differentiation in risk management in context
of practical and conceptual application. Therefore, this literature includes the few views of
practitioners over risk management. ERP is the new term that has come up as an ultimate
approach towards managing risk (Ansaripoor, Oliveira & Liret, 2014). This strategy has also
proved by the adequate performance, and the same make the company move from traditional
risk management towards ERP. The other definition of ERM for practitioners is that, it’s a
process through which companies methodically examine the risk related with activities. This
is usually known as enterprise risk management, and its aim is to increase the highest value in
these activities. As per Ho, Wu & Olson (2009), enterprise risk assists in managing the
complete organization activities in an aggregate way, which is different from the traditional
risk problems individually. Besides this, ERM emphasizes risk and mention it as a potential
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
5
risk alternative, instead of stressing over controlling risks. This is the main reason for the
companies to move from traditional risk towards ERM. Various authors hold common
approach towards ERM, as per Zhang, Avasarala & Subbu (2010), a company can efficiently
manage risk in two variant ways, and manage it at single time, which is referred as traditional
approach and manage all risks by considering every factor, while risk assessment is
conducted, and the same is known as holistic approach.
Factors such as increase in quantity of complicated issues like hazard risks that is
considered as pure risk, financial risk is known as business that enhances the uncertainty
between the corporate world, and create the corporate risks, as well as external pressure, for
example corporate governance like risk regulation, intervention of government in corporate
area by insisting the top management to ensure about holistic way, and develop the
combination of different parts of risk by collecting risk, that is considered a portfolio of risks
(Xu, Zhou & Wu, 2011). In case of Enterprise risk management, developing a risk portfolio
is the core objective, and it sums up the threat, a portfolio of risk by analysing the individual
components of risk within groups. One of the main features related to enterprise risk
management is seen as an opportunity for making advantages at an early stage, instead of
taking the measures to control it (Bogatai & Bogatai, 2007). In the today’s business world,
enterprise risk management has become new trends.
Introduction to the company, organization or business unit you have chosen to study.
This should also include a narrative on strategy, core business activities, recent financial
performance and corporate view of risk management
Core business activities
Etisalat is the famous and largest telecommunication company offering corporation in
the GCC. Its headquarters are located in Abu Dhabi, UAE. The company serves around 11.6
risk alternative, instead of stressing over controlling risks. This is the main reason for the
companies to move from traditional risk towards ERM. Various authors hold common
approach towards ERM, as per Zhang, Avasarala & Subbu (2010), a company can efficiently
manage risk in two variant ways, and manage it at single time, which is referred as traditional
approach and manage all risks by considering every factor, while risk assessment is
conducted, and the same is known as holistic approach.
Factors such as increase in quantity of complicated issues like hazard risks that is
considered as pure risk, financial risk is known as business that enhances the uncertainty
between the corporate world, and create the corporate risks, as well as external pressure, for
example corporate governance like risk regulation, intervention of government in corporate
area by insisting the top management to ensure about holistic way, and develop the
combination of different parts of risk by collecting risk, that is considered a portfolio of risks
(Xu, Zhou & Wu, 2011). In case of Enterprise risk management, developing a risk portfolio
is the core objective, and it sums up the threat, a portfolio of risk by analysing the individual
components of risk within groups. One of the main features related to enterprise risk
management is seen as an opportunity for making advantages at an early stage, instead of
taking the measures to control it (Bogatai & Bogatai, 2007). In the today’s business world,
enterprise risk management has become new trends.
Introduction to the company, organization or business unit you have chosen to study.
This should also include a narrative on strategy, core business activities, recent financial
performance and corporate view of risk management
Core business activities
Etisalat is the famous and largest telecommunication company offering corporation in
the GCC. Its headquarters are located in Abu Dhabi, UAE. The company serves around 11.6
6
million customers, and they have more than 300000 large, small, and medium enterprise and
government customers in the country (Enterprise Risk management, 2017).
Finances
A corporate view of risk management
Operational threats
Cybersecurity threats- the external cyber-attack threat around Etisalat network as well as
information technology infrastructure will continue, especially in North Africa and Middle
East areas. Both the IT and network security team try to proactively monitor all the activities
going around the group network for exploring and reducing the expected threats of
cybersecurity and breach of data privacy (Goh, Lim & Meng, 2007).
million customers, and they have more than 300000 large, small, and medium enterprise and
government customers in the country (Enterprise Risk management, 2017).
Finances
A corporate view of risk management
Operational threats
Cybersecurity threats- the external cyber-attack threat around Etisalat network as well as
information technology infrastructure will continue, especially in North Africa and Middle
East areas. Both the IT and network security team try to proactively monitor all the activities
going around the group network for exploring and reducing the expected threats of
cybersecurity and breach of data privacy (Goh, Lim & Meng, 2007).
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
7
The pressure of competition and prices- the Etisalat market operates are featured through the
increased competition level, including both new and existing, along with a reduction in cost,
substitution of technology, product and market convergence, as well as customer churn. The
group within the company try to analyse and monitor the market trends and invest in the
products, networks, and services provide to compete in an effective manner (Gaudenzi &
Borghesi, 2006).
Financial Risks
Exposure of foreign exchange- Etisalat is highly exposed towards the prevailing uncertainty
of international rate of exchange volatility in individual countries, in which they are working.
Mainly, this volatility might impact the consolidated outcome and total Etisalat investment
value in foreign operations. Group finances have also set up the policies, tools, and
procedures for monitoring, managing as well as reporting the exposures.
Other exposure to finance- Both the financial assets and liabilities of the group are exposed to
the different economic threats, which includes liquidity, the rate of interest as well as credit
risks (Wu, Blackhurst & Chidambaram, 2006).
The Etisalat internal control group functions try to develop the yearly plan, by
outlining the enterprise risk management as well as compliance activities that are approved
by the audit committee. Its primary objective is to strengthen the lying three defence model
lines by measuring the ERM maturing process as well as it also coordinates with compliance
activities around the group.
A narrative on how organisations link strategy, core business activities, financial
performance and risk management into a coherent dynamic framework.
Risk management is the primary function related to project-based companies, as well
as its ultimate aim to create the corporation value. In current years, various project-based
companies have tried to implement the system of project risk management for measuring and
The pressure of competition and prices- the Etisalat market operates are featured through the
increased competition level, including both new and existing, along with a reduction in cost,
substitution of technology, product and market convergence, as well as customer churn. The
group within the company try to analyse and monitor the market trends and invest in the
products, networks, and services provide to compete in an effective manner (Gaudenzi &
Borghesi, 2006).
Financial Risks
Exposure of foreign exchange- Etisalat is highly exposed towards the prevailing uncertainty
of international rate of exchange volatility in individual countries, in which they are working.
Mainly, this volatility might impact the consolidated outcome and total Etisalat investment
value in foreign operations. Group finances have also set up the policies, tools, and
procedures for monitoring, managing as well as reporting the exposures.
Other exposure to finance- Both the financial assets and liabilities of the group are exposed to
the different economic threats, which includes liquidity, the rate of interest as well as credit
risks (Wu, Blackhurst & Chidambaram, 2006).
The Etisalat internal control group functions try to develop the yearly plan, by
outlining the enterprise risk management as well as compliance activities that are approved
by the audit committee. Its primary objective is to strengthen the lying three defence model
lines by measuring the ERM maturing process as well as it also coordinates with compliance
activities around the group.
A narrative on how organisations link strategy, core business activities, financial
performance and risk management into a coherent dynamic framework.
Risk management is the primary function related to project-based companies, as well
as its ultimate aim to create the corporation value. In current years, various project-based
companies have tried to implement the system of project risk management for measuring and
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
8
managing the associated project risk. The Etisalat group hire the system of robust ERM that
creates the part of three defence lines within the internal control environment. The first
defence line is related to regular risk management around the (Blackhurst, Scheibe, &
Johnson, 2008). This is highly governed by the previous policies and procedures and also
cover up the day to day review of explored risks and regular risk mitigation activities
management.
The second defence line includes the corporate functions that are responsible towards
the monitoring and oversight of risks. Committed tasks like finance (revenue assurance and
fraud management), internal control (compliance and ERM), legal and regulatory affairs, that
conduct the different activities for reducing and managing the enormous risks (Heckmann,
Comes & Nickel, 2015). Along with this, compliance capabilities in the function of internal
control is set up for emphasizing over the legal compliance matters like corruption and anti-
bribery needs.
Depending on the nature of the organisation, there are a number of factors that should
be considered when designing and planning an ERM initiative. Details of the risk
architecture, strategy and protocols should be recorded in a risk management policy for
the organisation.
The process of ERM includes the identification, management, assessment as well as
regular review of the risks and uncertainties that can negatively create influence over Etisalat
ability for attaining the strategic aim. Evaluation of ordinary risk around different areas in
which Etisalat group operate through considering the explained tolerance level and risk
appetite. Assessment of risk and reduction is the essential part of group yearly business
budgeting and planning process. The ERM framework of Etisalat is linked with the global
best practices like ISO 31000 standards (Hult, Craighead & Ketchen, 2010). The Etisalat
group also monitor and conduct a review of risk principle that can impact the business,
managing the associated project risk. The Etisalat group hire the system of robust ERM that
creates the part of three defence lines within the internal control environment. The first
defence line is related to regular risk management around the (Blackhurst, Scheibe, &
Johnson, 2008). This is highly governed by the previous policies and procedures and also
cover up the day to day review of explored risks and regular risk mitigation activities
management.
The second defence line includes the corporate functions that are responsible towards
the monitoring and oversight of risks. Committed tasks like finance (revenue assurance and
fraud management), internal control (compliance and ERM), legal and regulatory affairs, that
conduct the different activities for reducing and managing the enormous risks (Heckmann,
Comes & Nickel, 2015). Along with this, compliance capabilities in the function of internal
control is set up for emphasizing over the legal compliance matters like corruption and anti-
bribery needs.
Depending on the nature of the organisation, there are a number of factors that should
be considered when designing and planning an ERM initiative. Details of the risk
architecture, strategy and protocols should be recorded in a risk management policy for
the organisation.
The process of ERM includes the identification, management, assessment as well as
regular review of the risks and uncertainties that can negatively create influence over Etisalat
ability for attaining the strategic aim. Evaluation of ordinary risk around different areas in
which Etisalat group operate through considering the explained tolerance level and risk
appetite. Assessment of risk and reduction is the essential part of group yearly business
budgeting and planning process. The ERM framework of Etisalat is linked with the global
best practices like ISO 31000 standards (Hult, Craighead & Ketchen, 2010). The Etisalat
group also monitor and conduct a review of risk principle that can impact the business,
9
reputation and financial performance. While various other risks are existing, it even
breakdown different and essential threats are going around different operations of the
company.
Suggest risks and possible responses at each level of the organisation
The risk radar of Etisalat depict the business risk in the telecommunication sector
through categorizing the risk in around four quadrants, which correspond towards the
universe risk model, these quadrants are related with compliance threats, which originate in
law, policies, and corporate governance; operational threats that affect the process, people,
system and complete business value chain; strategic threats that are related with competitors,
customers and investors, and financial threats that stemmed through the market vitality in the
actual economy (Demarzo, Fishman, He & Wang, 2012). Below is the figure that shows the
risk ongoing in telecom sectors in the year 2014.
reputation and financial performance. While various other risks are existing, it even
breakdown different and essential threats are going around different operations of the
company.
Suggest risks and possible responses at each level of the organisation
The risk radar of Etisalat depict the business risk in the telecommunication sector
through categorizing the risk in around four quadrants, which correspond towards the
universe risk model, these quadrants are related with compliance threats, which originate in
law, policies, and corporate governance; operational threats that affect the process, people,
system and complete business value chain; strategic threats that are related with competitors,
customers and investors, and financial threats that stemmed through the market vitality in the
actual economy (Demarzo, Fishman, He & Wang, 2012). Below is the figure that shows the
risk ongoing in telecom sectors in the year 2014.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
10
These risk relate to failure in realizing the new roles associated with evolving
structure of market; failure to having regulatory certainty over new structure of market;
avoiding the new privacy and security imperatives; failure in enhancing the agility of
organization; failure to have data integrity for driving efficiency and growth; inability to have
performance measurement in driving the execution; lack of understanding about value of
customers; inability in adequately extracting the value from the network assets; wrongly
explaining the inorganic agenda of growth; and failure to adopting the innovative routes
(Nejad & Kuzgunkaya, 2015).
As noted, telecom business looks quite comparatively in managing the risks of
information security. Etisalat had started taking action for achieving the improved ongoing
insight level and ecosystem intelligence in the dynamic threats and vulnerabilities. Telecom
companies are boosting their information related to security budgets importantly. In this year,
the survey explored that the average of security budgets was US$5.4 billion, which includes
the gain of 35% by the year 2012 (Nejad & Kuzgunkaya, 2015). In the context of complete,
IT was spending increased to an average of US$162 million by the year 2013, which included
the rise of 17% in the last year. Despite this rise, the budgets of information security depict
These risk relate to failure in realizing the new roles associated with evolving
structure of market; failure to having regulatory certainty over new structure of market;
avoiding the new privacy and security imperatives; failure in enhancing the agility of
organization; failure to have data integrity for driving efficiency and growth; inability to have
performance measurement in driving the execution; lack of understanding about value of
customers; inability in adequately extracting the value from the network assets; wrongly
explaining the inorganic agenda of growth; and failure to adopting the innovative routes
(Nejad & Kuzgunkaya, 2015).
As noted, telecom business looks quite comparatively in managing the risks of
information security. Etisalat had started taking action for achieving the improved ongoing
insight level and ecosystem intelligence in the dynamic threats and vulnerabilities. Telecom
companies are boosting their information related to security budgets importantly. In this year,
the survey explored that the average of security budgets was US$5.4 billion, which includes
the gain of 35% by the year 2012 (Nejad & Kuzgunkaya, 2015). In the context of complete,
IT was spending increased to an average of US$162 million by the year 2013, which included
the rise of 17% in the last year. Despite this rise, the budgets of information security depict
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
11
the 3.4% of total IT spending, which is relatively less investment and had even stayed
constant in current years (Sawik, 2011).
Other progress measures that were taken by Etisalat was gleaned through how
correctly executives understand their program of organization security with the business
strategy and entire spending. In this manner, the optimism of Etisalat was robust. In this
context, 72% of the survey participants mention that security strategy is linked to the
particular requirements of the business (Wakolbinger & Cruz, 2011). This kind of feedback
depicts from top to bottom, and in this security had become elemental components related to
corporate culture and excellent business imperative, but simultaneously, it was a challenge
for IT.
Evaluate how the COSO framework can be used to add value to organisational
enterprise risk management
The committee of sponsoring organizations of the Treadway Commission (COSO)
had published the standards of enterprise risk management in the year 2004. The ERM cube
of COSO is popularly known as practitioners of risk management, and it offers a framework
for undertaking the ERM practices. It had attained considerable profitable influence, after
linking with the Sarbanes Oxley needs for organizations listed in America. In the year 2009,
ISO 31000 has also published the globally agreed standards for implementing the principles
of risk management (Nejad & Kuzgunkaya, 2015). Previously, ERM practices were applied
to emphasize the value protection and functions of risk with exploring the organization
business objectives threats. Rapidly, it had included different external threats, while assessing
the underlying issues to understand how the business is undertaken (Wu, Huang, Blackhurst,
Zhang & Wang, 2013). But during this implementation, the focus of ERM over the dangers,
risk down siding, missing upside, when it was made the essential element in the process of
decision making. It also consults the ability to spot and assess the risks of helping the
the 3.4% of total IT spending, which is relatively less investment and had even stayed
constant in current years (Sawik, 2011).
Other progress measures that were taken by Etisalat was gleaned through how
correctly executives understand their program of organization security with the business
strategy and entire spending. In this manner, the optimism of Etisalat was robust. In this
context, 72% of the survey participants mention that security strategy is linked to the
particular requirements of the business (Wakolbinger & Cruz, 2011). This kind of feedback
depicts from top to bottom, and in this security had become elemental components related to
corporate culture and excellent business imperative, but simultaneously, it was a challenge
for IT.
Evaluate how the COSO framework can be used to add value to organisational
enterprise risk management
The committee of sponsoring organizations of the Treadway Commission (COSO)
had published the standards of enterprise risk management in the year 2004. The ERM cube
of COSO is popularly known as practitioners of risk management, and it offers a framework
for undertaking the ERM practices. It had attained considerable profitable influence, after
linking with the Sarbanes Oxley needs for organizations listed in America. In the year 2009,
ISO 31000 has also published the globally agreed standards for implementing the principles
of risk management (Nejad & Kuzgunkaya, 2015). Previously, ERM practices were applied
to emphasize the value protection and functions of risk with exploring the organization
business objectives threats. Rapidly, it had included different external threats, while assessing
the underlying issues to understand how the business is undertaken (Wu, Huang, Blackhurst,
Zhang & Wang, 2013). But during this implementation, the focus of ERM over the dangers,
risk down siding, missing upside, when it was made the essential element in the process of
decision making. It also consults the ability to spot and assess the risks of helping the
12
organization in developing the value and seizing the competitive benefits. Through COSO
2004 publication of ERM, the risk management undertook the essential steps. The framework
came as the base for conducting conventional risk thinking. Buts its implementation in
various companies emphasizes over isolation, mitigation, and management of known risks
(Giannakis & Louis, 2011).
In the last few years, Etisalat operating environment had expanded as complex, highly
technologically driven, international, as well as involved risk and business leaders that needs
high ability to explore, assess as well as prepare the external focuses that might impact the
strategy of organization; shift the conditions that might affect the strategy assumptions, and
risk that might came through carrying out the procedure (Giannakis & Louis, 2011).
A narrative on the difficulties associated with collating and acting upon risk intelligence
as a means for value creation in organisations.
The risk intelligence is referred as the subset of the executive team of management.
Its primary role is to come together for examining the risks of enterprise and actions that are
taken for reducing them, review and aggregate the information of risk from various groups in
business and even escalate the risk problems to the board, in case it’s required. The problem
is that, in fact of risk intelligence, responsibilities are pass on to the existing executive
committee, if the company had a proper mix of members (Giannakis & Louis, 2011). In risk
intelligence, just like various companies approach towards enterprise risk management act as
an essential part of managing the strategy and operations of the enterprise, or either as the
soloed process. In the risk intelligent enterprise management, it is analysed that the
executives dissect every action that can help in creating value and undertake the potential
risk. They also identify the discussion on risk and value cannot be separated, and therefore,
risk is viewed as the decision driver, instead of results of decision that is already taken.
organization in developing the value and seizing the competitive benefits. Through COSO
2004 publication of ERM, the risk management undertook the essential steps. The framework
came as the base for conducting conventional risk thinking. Buts its implementation in
various companies emphasizes over isolation, mitigation, and management of known risks
(Giannakis & Louis, 2011).
In the last few years, Etisalat operating environment had expanded as complex, highly
technologically driven, international, as well as involved risk and business leaders that needs
high ability to explore, assess as well as prepare the external focuses that might impact the
strategy of organization; shift the conditions that might affect the strategy assumptions, and
risk that might came through carrying out the procedure (Giannakis & Louis, 2011).
A narrative on the difficulties associated with collating and acting upon risk intelligence
as a means for value creation in organisations.
The risk intelligence is referred as the subset of the executive team of management.
Its primary role is to come together for examining the risks of enterprise and actions that are
taken for reducing them, review and aggregate the information of risk from various groups in
business and even escalate the risk problems to the board, in case it’s required. The problem
is that, in fact of risk intelligence, responsibilities are pass on to the existing executive
committee, if the company had a proper mix of members (Giannakis & Louis, 2011). In risk
intelligence, just like various companies approach towards enterprise risk management act as
an essential part of managing the strategy and operations of the enterprise, or either as the
soloed process. In the risk intelligent enterprise management, it is analysed that the
executives dissect every action that can help in creating value and undertake the potential
risk. They also identify the discussion on risk and value cannot be separated, and therefore,
risk is viewed as the decision driver, instead of results of decision that is already taken.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 17
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.