Diffusion of Enterprise Risk Management in Greek companies

Abstract

In an extremely volatile business environment, all companies have to deal with a wide range of risks that pose threat to their organization longevity. Traditional risk management is not sufficient to handle modern risks or to fully take advantage of them. Risk management needs to be done centrally, across all the organization’s functions, with a common approach and a common set of goals. Enterprise Risk Management can be used as a solution to this issue and if implemented properly can be used by any organization as a tool to help maximize its profits, minimize its losses, and increase the overall value generated. One of the problems researchers face when investigating the implementation of ERM is the lack of a robust method for evaluating the level of implementation and integration of ERM in an organization’s functions. This thesis addresses the aforementioned problem by proposing a reliable ERM measurement method. For the purposes of this thesis, a questionnaire was created which was communicated and answered by companies all over Greece. The data gathered were evaluated and graded with the use of dedicated grading matrixes which were then used as an input for a maturity model. Based on this information, the maturity level for each organization was assessed, as well as a general overview of the maturity level in Greece was defined. Furthermore, by analyzing the data, an insight was gained on the practices used by Greek companies regarding to risk management and the business tools that they use.