
ERM Roles and Responsibilities

The board of directors, management, risk officers, financial officers, internal auditors, and, indeed, every individual within an organization contribute to effective ERM. Brief descriptions of their roles and responsibilities in ERM are as follows.

1. Board of directors. While the board has some role throughout all aspects of ERM, most of its responsibilities relate to the risk governance and culture component. The board’s primary role relates to principle #1, its risk oversight responsibility. The board also helps management establish the governance and operating models, define culture and desired behaviors, demonstrate commitment to integrity and ethics, and assign accountability and authority for risk management.

2. Management. Management is responsible for carrying out all activities of an organization, including ERM. In fact, management is responsible for aspects of all five components of ERM. However, these responsibilities will vary, depending on the level in the organization and the organization’s characteristics.

The CEO is ultimately responsible for the effectiveness and success of ERM. One of the most important aspects of this responsibility is ensuring that a positive and ethical tone is set. The CEO influences the composition and conduct of the board, provides leadership and direction to senior managers, and monitors the organization’s overall risk activities in relation to its risk appetite. When evolving circumstances, emerging risks, strategy implementation, or anticipated actions indicate potential misalignment with risk criteria, the CEO takes the necessary actions to re-establish alignment.

Senior managers in charge of the various organizational units have responsibility for managing risks related to their specific units’ objectives. They convert the organization’s overall strategy into ongoing operations activities, identify potential risk events, assess the related risks, and implement actions to manage those risks. Managers guide the application of the organization’s ERM components relative to and within their spheres of responsibility, ensuring the application of those components is consistent with the board’s and management’s levels of acceptable variation in performance. They assign