Skip Ribbon Commands
Skip to main content


What is ERM?

Enterprise Risk Management (“ERM”) is a strategic business discipline that supports the achievement of an organization’s objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio.

ERM represents a significant evolution beyond previous approaches to risk management in that it:

  1. Encompasses all areas of organizational exposure to risk (financial, operational, reporting, compliance, governance, strategic, reputational, etc.);
  2. Prioritizes and manages those exposures as an interrelated risk portfolio rather than as individual “silos”;
  3. Evaluates the risk portfolio in the context of all significant internal and external environments, systems, circumstances, and stakeholders;
  4. Recognizes that individual risks across the organization are interrelated and can create a combined exposure that differs from the sum of the individual risks;
  5. Provides a structured process for the management of all risks, whether those risks are primarily quantitative or qualitative in nature;
  6. Views the effective management of risk as a competitive advantage; and
  7. Seeks to embed risk management as a component in all critical decisions throughout the organization.


Risk Knowledge is a searchable library of relevant information for today's risk professionals. Available materials include RIMS Executive Reports, survey findings.

Search By Categories
Search By Types
Search By Date


Access the most comprehensive directory of solution providers for risk professionals.


Lloyd's is often the first to insure new, unusual or complex risks...

RWH Myers

RWH Myers is committed to helping the Risk Manager through business interruption and...


PwC understands that significant risk is rarely confined to discrete areas...