
Enterprise Risk Management: Advances on its Foundation and Practice PDF

211 Pages·2019·2.326 MB·English

Preview Enterprise Risk Management: Advances on its Foundation and Practice

Enterprise Risk Management: Advances on its Foundation and Practice relates the fundamental enterprise risk management (ERM) concepts and current generic risk assessment and management principles that have been influential in redefining the risk field over the last decade. It defines ERM with a particular focus on understanding the nexus between risk, uncertainty, knowledge and performance. The book argues that there is critical need for ERM concepts, principles and methods to adapt to the latest and most influential risk management developments, as there are several issues with outdated ERM theories and practices; problems include the inability to effectively and systematically balance both opportunity and downside performance, or relying too much on narrow probability-based perspectives for risk assessment and decision-making. It expands traditional loss-based risk principles into new and innovative performance-risk frameworks, and presents fundamental risk principles that have recently been developed by the Society for Risk Analysis (SRA). All relevant statistical and risk concepts are clearly explained and interpreted using minimal mathematical notation. The focus of the book is centered around ideas and principles, more than technicalities. The book is primarily intended for risk professionals, researchers and graduate students in the fields of engineering and business, and should also be of interest to executive managers and policy makers with some background in quantitative methods such as statistics.

Terje Aven is Professor of Risk Analysis and Risk Management at the University of Stavanger, Norway. He has recently served as Chair of the European Safety and Reliability Association (ESRA) and as the President of Society for Risk Analysis (SRA) worldwide. He is Editor-in-Chief of the Journal of Risk and Reliability, and Associate Editor for Risk Analysis.

Shital Thekdi is Associate Professor of Management at the University of Richmond, USA.

Enterprise Risk Management
Advances on its Foundation and Practice
Terje Aven and Shital Thekdi

First published 2020 by Routledge
2 Park Square, Milton Park, Abingdon, Oxon OX14 4RN
and by Routledge
52 Vanderbilt Avenue, New York, NY 10017

Routledge is an imprint of the Taylor & Francis Group, an informa business

© 2020 Terje Aven and Shital Thekdi

The right of Terje Aven and Shital Thekdi to be identified as authors of this work has been asserted by them in accordance with sections 77 and 78 of the Copyright, Designs and Patents Act 1988.

All rights reserved. No part of this book may be reprinted or reproduced or utilised in any form or by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying and recording, or in any information storage or retrieval system, without permission in writing from the publishers.

Trademark notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe.

British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library

Library of Congress Cataloging-in-Publication Data
Names: Aven, Terje, author.
Title: Enterprise risk management : advances on its foundation and practice / Terje Aven and Shital Thekdi.
Description: Abingdon, Oxon ; New York, NY : Routledge, 2020. | Includes bibliographical references and index.
Identifiers: LCCN 2019043725 (print) | LCCN 2019043726 (ebook) | ISBN 9781138386235 (hbk) | ISBN 9780429425028 (ebk)
Subjects: LCSH: Risk management. | Uncertainty.
Classification: LCC HD61 .A936 2020 (print) | LCC HD61 (ebook) | DDC 658.15/5—dc23
LC record available at https://lccn.loc.gov/2019043725
LC ebook record available at https://lccn.loc.gov/2019043726

ISBN: 978-1-138-38623-5 (hbk)
ISBN: 978-0-429-42502-8 (ebk)

Typeset in Bemo by Apex CoVantage, LLC.

Contents

Preface
Acknowledgements

1 Some illustrating examples
  1.1 The GM ignition switch scandal
  1.2 The Volkswagen emission case
  1.3 Risk in information technology – Equifax data breach

2 What is risk and enterprise risk?
  2.1 The risk and enterprise risk concepts
  2.2 Measuring or describing risk. How big is the risk?

3 Basic principles of ERM
  3.1 General risk management principles
  3.2 A risk management framework based on the distinction between general knowledge and specific knowledge
  3.3 More specific ERM principles
  3.4 ERM program
  3.5 A taxonomy of ERM maturity

4 Distinguishing between ERM and Task (project) Risk Management (TRM)
  4.1 A framework for ERM
  4.2 The ship metaphor
  4.3 Cases showing why ERM must overrule TRM
  4.4 Discussion
  4.5 Conclusions

5 Potential surprises and the unforeseen (black swans)
  5.1 Clarification of concepts. Different types of surprises
  5.2 Assessing and managing black swans

6 Integrating performance, risk and resilience-based thinking and methods
  6.1 Background and context
  6.2 Historical impetus for the risk and performance fields to diverge
  6.3 Common and disagreeing principles for performance and risk
  6.4 Proposed performance-risk perspective
  6.5 Case study I
  6.6 Case study II
  6.7 Conclusions

7 Balancing different concerns, by seeing beyond traditional cost-benefit types of analysis using expected values
  7.1 Performance and the need for addressing other aspects – the use of performance requirements
  7.2 Cost-benefit type of analysis
  7.3 Decision-makers’ perspective on uncertainties and risks not reflected by analysts
  7.4 How can analysts better meet decision-makers’ needs?
  7.5 Conclusions and recommendations
  7.6 Case study

8 Improving ERM practices
  8.1 Challenges with obtaining and coordinating risk resources
  8.2 Challenges with maintaining and growing risk expertise
  8.3 Challenges with maintaining and growing a risk culture
  8.4 Challenges with applying appropriate risk practices, that aligns with organizations needs
  8.5 Methods for troubleshooting common issues in ERM and ERM programs
  8.6 Addressing key issues resulting from the troubleshooting process

9 Revisiting key case study issues
  9.1 The GM ignition switch scandal
  9.2 The Volkswagen emission case
  9.3 Risk in information technology – Equifax data breach

References

Appendices
  Appendix A. Terminology
  Appendix B. Basic probability theory
  Appendix C. Basic ERM theory
  Appendix D. Critical thinking case studies

Index

Preface

In recent years, ERM has elevated into a common and critical tool for modern organizations, including commerce, engineering, public sector, policy and healthcare.
ERM provides the concepts, frameworks, principles, methods and models for how to conceptualize, understand, assess and manage all relevant risks in a holistic way. Considerable literature has been developed – including standards like the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework (COSO 2018) – to guide organizations on how to best implement this tool in practice. This literature is influenced by risk management knowledge in general, but it is also to a large extent tailor-made for the enterprise and business context.

The present book is based on the conviction that there is a potential for significant improvements in ERM foundation and practice by using recent advances in the risk field and science. These advances relate to conceptualization and characterization of risk, as well as fundamental principles for assessment and management of risk.

Specifically, this book focuses on improving the understanding of the nexus between risk, uncertainty, knowledge and performance. It expands traditional loss-based risk perspectives to new and innovative performance-risk frameworks. The current distinction between risk related to events having negative or undesirable impacts on the one hand and opportunities related to events with positive impacts on the other, is considered inadequate and is replaced by broader risk concepts in line with current ideas and principles of generic risk analysis and management. These concepts are supported by fundamental risk theory research and are endorsed and further developed by the SRA in a series of publications (SRA 2015a, 2015b, 2017a, 2017b). The SRA work has been conducted by a broad group of senior risk scientists, and is informed by and relevant for a wide variety of applications and disciplines, including business, engineering, public health, policy, safety and communication.

The book also aims at providing new insights in other ways. Four areas are considered of special importance:

Firstly, the book clarifies and reflects on the difference between overall enterprise risks and more specific task or project risks, as introduced and discussed
