Enterprise Risk Management Implementation Research Articles

Enterprise Risk Management: Internal Auditor’s Role Perspective

The role of internal auditor in enterprise risk management (ERM) implementation is being highlighted by Institute of Internal Auditors (IIA) in 1999 where internal audit scope is to include assurance and consulting activities in risk management, control and governance. Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its integrated framework in 2004 (updated in 2017). After announcing of the released COSO framework in 2004, IIA then released a statement in the commencement of internal auditor’s role in risk management. Both internal and external audit are said to play a key role in the effectiveness of risk management within their organization. However, even though ERM has been introduced in 2004, the implementation is still not widely used and outgrowing. Since many organizations are still in developing their own risk management procedure, there are many arguments and debates over the involvement and the role of internal audit in risk management. The purpose of this paper is to highlight the issues and challenges which are faced by internal auditors in conducting their role in auditing risk management of an organization.

Does internal control process and firm characteristics improve firm value? An empirical analysis in the manufacturing sector.

The purpose of this research is to investigate the role of enterprise risk management (ERM), Big4 auditors and firm characteristics on firm value. This population study was conducted in the Indian manufacturing sector. Annual panel data for 11 years (2007–2017) was collected from 60 firms on the National Stock Exchange (NSE). Empirical findings prove that there is variation in Tobin’s Q but no difference in return on assets (ROA) and return on equity (ROE) among firms that have implemented ERM and included Big4 audit firms. The study documents that Q was influenced by the implementation of ERM, liquidity, firm age and firm size. Findings reveal that ERM, firm size, leverage, firm age, liquidity and firm complexity impacted ROA. The study outcome also shows ROE was affected by leverage, firm size, liquidity and firm complexity. This study is a valuable addition to the existing studies on the Indian manufacturing sector and has contributed incredible insights to the empirical literature on firm value from the multidimensional outlook of the purchasers, management, and investors. The findings have several implications for investors, managers and researchers.

Enterprise Risk Management and Earnings Volatility: Investigating the Role of Care Ethics

This study analyzes the impact of the ethics of care implementation, complemented by the effectiveness of enterprise risk management (ERM), on earnings volatility; and to investigate the moderating or mediating role of care ethics in the association. Care ethics emphasizes a good relationship with other stakeholders. This is interpreted in the corporate risk management context with adequate precautionary efforts to mitigate risks. Moreover, the complementary nature of care ethics and ERM implementation has been argued to affect a company’s performance in terms of earnings volatility. Data from a sample of companies listed on the Indonesia Stock Exchange were collected for the period 2012–2016. Quantitative data were analyzed using descriptive statistics and panel regression. From the ethics of care perspective, companies are expected to manage the risks effectively, which is represented in the effectiveness of ERM implementation. The results confirm this proposition, that is, ERM complements care ethics principles applied by a company in alleviating earnings volatility. The additional analysis shows that care ethics strengthens the association between ERM and earnings volatility. ERM is a growing research topic and has been investigated in previous studies. This research complements the previous studies by presenting an alternative, innovative perspective to analyze the effectiveness of ERM in correspondence with the spirit of care ethics.

The challenges of implementing enterprise risk management: a study on manufacturing companies in the Tehran Stock Exchange

Implementing enterprise risk management (ERM) is one of the important solutions in reducing the uncertainty and survival of companies. The study aims to explore the challenges of implementing ERM and possible solutions that may address these challenges in the manufacturing companies listed in the Tehran Stock Exchange. In the study, semi-structured interviews with the ERM experts among selected Iranian manufacturing companies are used. The identified challenges related to implementing ERM include intra-organisational and extra-organisational challenges. Intra-organisational challenges include risk governance, risk culture, ERM process, and infrastructures. Besides, extra-organisational challenges include the roles of government and policymakers, political and economic conditions, international restrictions, and the lack of a competitive environment (exclusiveness). Our study found that establishment of a risk committee, strengthening risk culture through ERM training top management commitment to ERM and the provision of sufficient funds were the factors that may be used to mitigated ERM implementation challenges.

The challenges of implementing enterprise risk management: a study on manufacturing companies in the Tehran Stock Exchange

The challenges of implementing enterprise risk management: a study on manufacturing companies in the Tehran Stock Exchange

Enterprise Risk Management (ERM) Practices to Achieve Long Term and Sustainable Organization’s Goals: Case of Institut Teknologi Bandung (ITB)

Every choice made in the pursuit of objectives has its risks. From day-to-day operational decisions to the fundamental trade-offs in the boardroom, dealing with uncertainty in these choices is a part of the organizational lives. A strategy is nothing more than a commitment to a set of coherent, mutually reinforcing policies or behaviours aimed at achieving a specific competitive goal. In order to ensure the implementation of efforts and the allocation of resources to achieve strategic goals, top management should conduct integrated risk management practices to all activities/initiatives of the organization’s management, both individually and collectively. Risk management is an intrinsic part of business planning and decision making. No direction is taken without looking at the potential risks and comparing them against the organization’s risk appetite. This paper aims to research in general the practice of enterprise risk management within Institut Teknologi Bandung (ITB) as a well-known and public-state-owned university in Indonesia. This research concludes that the enterprise risk management implementation is not fully implemented yet within ITB as an enterprise. Almost all respondents agree that the implementation of enterprise risk management has a positive and significant influence on the organization’s objectives achievement. Improving university performance overall will require an effective enterprise risk management practice. Author highly recommends ITB to adopt risk management practice based on ISO-31000 standard, and it can be combined with other risk management standards available nowadays if necessary. ITB needs to start the implementation at the soonest as possible, in order to maintain its strategic position as a top university in Indonesia, increase its competitive advantages to compete in the global scale, and at the same time achieving its vision and mission in a long-term and sustainable manner.

The Impact of Enterprise Risk Management and Sustainability Reporting on Business Performance of Listed Enterprises on Vietnam Stock Market

Enterprise Risk Management (ERM) is becoming a critical issue in the current dynamic environment where organizations have been exposed to more risks from different perspectives. Additionally, Sustainability Reporting also emerges as one of the burning topics in recent management literature. This paper examines whether ERM implementation and Sustainability Reporting could bring any effect on the business performance of Vietnamese listed companies. The paper constructs the index to measure the level of ERM implementation of listed firms in Vietnam and uses the generalized least square method (GLS) to analyze the impact of these two concerns on business performance. The regression results indicate that there are significant positive relationships between ERM as well as Sustainability Reporting and the business performance of listed companies on the Vietnam stock exchange over the period 2016-2019. The result strengthens the previous studies that companies with more sustainability disclosure and more efficient ERM implementation are likely to be better in terms of financial performance and market performance. Moreover, there is growing support for the argument that companies will improve their performance by employing the ERM concept and enhancing sustainability transparency to stakeholders.

The Impact of Enterprise Risk Management and Sustainability Reporting on Business Performance of Listed Enterprises on Vietnam Stock Market

Enterprise Risk Management (ERM) is becoming a critical issue in the current dynamic environment where organizations have been exposed to more risks from different perspectives. Additionally, Sustainability Reporting also emerges as one of the burning topics in recent management literature. This paper examines whether ERM implementation and Sustainability Reporting could bring any effect on the business performance of Vietnamese listed companies. The paper constructs the index to measure the level of ERM implementation of listed firms in Vietnam and uses the generalized least square method (GLS) to analyze the impact of these two concerns on business performance. The regression results indicate that there are significant positive relationships between ERM as well as Sustainability Reporting and the business performance of listed companies on the Vietnam stock exchange over the period 2016-2019. The result strengthens the previous studies that companies with more sustainability disclosure and more efficient ERM implementation are likely to be better in terms of financial performance and market performance. Moreover, there is growing support for the argument that companies will improve their performance by employing the ERM concept and enhancing sustainability transparency to stakeholders.

Empirical investigation of risk management practices

In risk management research, dealing with known risks and helping companies foresee new risks are areas for subject matter experts. In practice, risk management is often perceived as a set of formal tools and procedures that must be delegated to the professionals. Despite this overall perception of risk, general managers, department managers, and other senior or line managers in organizations deal with questions associated with risk on a daily basis. They are, therefore, sometimes—even without consciously realizing it—involved in risk management practices. This article aims to analyze 'managers' involvement in risk management by empirically exploring how managers identify, assess, and respond to risks. Based on thematic analysis of observational and interview data, management practices used to manage risks were identified, and risk management as a non-linear process that is anchored on the strategic and operational levels and supported by learning from failures was defined. Two different ways of risk management can co-exist in an organization as a result of formal Enterprise Risk Management implementation.

The Effect of Enterprise Risk Management on Ameliorating Competitive Advantage: A Cross-Sectional Study of Software Houses in Pakistan

In the current dynamic environment, organizations need a more anticipatory and effective risk management system. Implementing the holistic Enterprise Risk Management (ERM) process will perceive, analyze, and assess risks as they must be regarded from the entire enterprise’s perspective. The research aims to empirically analyze the effect of ERM practices on the Competitive Advantage (CA) and examine the moderating role of Organizational Culture (OC) in the Software industry of Pakistan. The primary data were obtained from 250 respondents through the questionnaire method. The validity and reliability were analyzed by using Structural Equation Modeling Analysis, PLS Algorithm, and Bootstrapping. The results show that the implementation of ERM has a significant effect on firms’ competitive advantage. The analysis supports the hypothesis and identifies the positive moderating effect of organizational culture in carrying out ERM programs, which can enhance organizational competitiveness. This study is useful for managers to help them in the planning and decision-making phase so that they can act responsibly in a rapidly changing environment and consider organizational culture as one of the key factors of the ERM program that helps accomplish organizational competitiveness.

Board attributes, ownership structure and risk management: A proposed model for insurance firms in Nigeria

As a response to the weaknesses in corporate governance and risk management created by the 2007/2008 financial crises, Enterprise Risk Management (ERM) becomes imperative, especially in the financial sector. Therefore, in understanding the board's responsibility in ensuring good governance through ERM implementation, two fundamental questions need to be answered; what determines the makeup of the board? And what determines boards' action? Consequently, this study proposed a conceptual framework for investigating the moderating role of ownership structure on the relationship between board attributes and risk management of insurance firms in Nigeria using the model approach. Hence, the control, resource acquisition, and service roles of the board as explained by agency, stewardship, and resource dependence theories explain this relationship. Board attributes are measured by board composition, board structure, board characteristics, and board process, ownership structure is measured by ownership concentration, board ownership, and foreign ownership, and ERM is measured using the disclosure index. Findings from the review of literature reveal that governance attributes in board attributes-risk management relationships have been measured on single or fragmented criteria, leading to contradictory or conflicting findings. Hence, the significance of the study lies in the conceptualization and choice of board attributes as explained by board roles and an integrative theoretical perspective to propose the choice of board attributes in the board attributes-risk management relationship and how ownership structure can influence the relationship, adding to the existing literature onboard attributes, ownership structure, and risk management.

Board of Directors and Commissioners Fulfillment of Commitments in Enterprise Risk Management Implementation and Supervision in Indonesian Coal Mining Company (Case Study of PT XYZ)

The goal of this study is to learn about, analyze, and describe two things, namely the Board of Directors and board commissioners' commitment to implementing and monitoring ERM in order to protect and create value for the company and the Management's perspectives on ERM's ability to protect and create value for the company. Data were gathered through structured interviews and a documentation study. The findings showed that the boards had followed through on their promise to implement and supervise ERM. This study identifies areas for improvement in integrating ERM into strategy development, risk culture, common risk language, risk management tools, and the role of the ERM function. Although numerous studies have looked at the influence of ERM implementation on firm value, this study seeks to fill a knowledge gap on the Boards' commitment to implementing and monitoring ERM to protect and build value for the company. Effective ERM implementation necessitates the involvement of the boards of directors.Keywords: Enterprise Risk Management (ERM), Board’s Commitment, and Protect and Create Value for Company. AbstrakTujuan dari penelitian ini adalah untuk mempelajari, menganalisis, dan mendeskripsikan dua hal, yaitu komitmen Direksi dan dewan komisaris dalam menerapkan dan memantau ERM dalam rangka melindungi dan menciptakan nilai bagi perusahaan dan perspektif Manajemen terhadap kemampuan ERM untuk melindungi dan menciptakan nilai bagi perusahaan. Pengumpulan data dilakukan melalui wawancara terstruktur dan studi dokumentasi. Temuan menunjukkan bahwa dewan telah menepati janji mereka untuk menerapkan dan mengawasi ERM. Studi ini mengidentifikasi area untuk perbaikan dalam mengintegrasikan ERM ke dalam pengembangan strategi, budaya risiko, bahasa risiko umum, alat manajemen risiko, dan peran fungsi ERM. Meskipun banyak penelitian telah melihat pengaruh penerapan ERM pada nilai perusahaan, penelitian ini berusaha untuk mengisi kesenjangan pengetahuan tentang komitmen Dewan untuk menerapkan dan memantau ERM untuk melindungi dan membangun nilai bagi perusahaan. Implementasi ERM yang efektif memerlukan keterlibatan dewan direksi.Kata kunci: Enterprise Risk Management (ERM); Komitmen Dewan; Protect and Create Value for Company.

Three-factor model of Enterprise Risk Management implementation: exploratory study of non-financial companies

Three-factor model of Enterprise Risk Management implementation: exploratory study of non-financial companies

Operational Risk Management Design In The Indonesia Mining Growth Program (P3I) Using House Of Risk Method

The Indonesia Mining Growth Program (P3I) is a development project activity for nickel Mining Enterprise and Processing Plant in the "X" Region in Sulawesi. This research will design a risk management framework for P3I by implementing Enterprise Risk Management (ERM). In this study, the method is used to analyze the potential operational risks that exist in P3I namely the House of Risk (HOR) model. The results of the identification of risk events in the operational business processes of P3I found 25 risk events divided into each business process, namely 8 risk events in the mine planning process, 7 risk events in the design implementation process, 8 risk events in the production process, 1 risk event in the product delivery process and 1 risk event in the process of returning waste from Processing Plant. Thus, the results of the identification of risk triggers (risk agents) found 23 risk causes (risk agents). The result of the Aggregate Risk Potential (ARP) recapitulation is an output calculation based on the HOR model phase 1, there are 7 top-ranked risk agents since it is considered to be able to hamper the company's goals. Thus, in determining the preventive actions, 17 preventive actions were obtained, which were then put into the HOR phase 2 model to rank the most effective prevention measures based on cost and resources.

Application of Enterprise Risk Management to Banking Risk

Abstract
 
 The implementation of Enterprise Risk Management (ERM) proactively determines the appropriate type and level of risk to achieve the organization's strategic objectives and assists management in understanding and managing all company business risks using an integrated structure and coordinated management. Although risks cannot be completely avoided or eliminated, they can be managed and minimized with an integrated risk management system. The purpose of this study is to prove whether the application of ERM can minimize credit risk, interest rate risk, and liquidity risk in banking companies and whether the internal audit function can strengthen the effect of ERM implementation in minimizing the risks faced by banks. The sample of this research is banks listed on the Indonesia Stock Exchange in 2011-2016. The results of this study indicate that the application of ERM for banks is not proven to have an effect in minimizing credit risk, interest rate risk, and liquidity risk. ERM does not manage risk individually but manages risk collectively so that it can identify company activities that contribute the most to the company's total risk and mitigation is carried out, and ERM is a process designed to manage risk so that it is at optimal risk that does not endanger the banking business, and management tends to take risks to optimize the profits to be obtained and companies tend to dare to take risks if the risk is not at a level that endangers the banking business condition. The internal audit function also has no effect in strengthening the relationship between ERM implementation and credit risk, interest rate risk, and liquidity risk.
 

Enterprise risk management and sustainability of banks performance

PurposeThis study investigates firm attributes (namely level of capitalisation, scope of operation, organisational structure, organisational lifecycle, systemic importance and size) affecting the robustness of enterprise risk management (ERM) practice, the extent to which ERM affects the performance of banks and the impact of ERM on the long-term sustainability of banks in Nigeria. This was against the backdrop that the 2012 banking reform was a major regulatory intervention that mainstreamed ERM in the Nigerian banking sector.Design/methodology/approachThe study employed a mixed methodology of content, trend and quantitative analyses. Ex post facto research design was deployed to analyse performance differential of banks, with respect to the implementation of ERM, over a 10-year period (2008–2017). A disclosure checklist developed from the COSO ERM integrated framework was used to assess the robustness of ERM by content-analysing divulgence on risk management in published annual reports. The banking reform periods were dichotomised into pre- (2008–2012) and post- (2013–2017) reform periods. Jonckheere–Terpstra test, independent sample t-test and Mann–Whitney test were applied to analyse a total of 1,036 firm-year observations over the period 2008–2017.FindingsResult shows that bank attributes significantly affecting the robustness of risk management practice are level of capitalisation, scope of operation, systemic importance and size. Performance of banks improved slightly during the post-2012 banking reform period. This suggests that as banks consolidate on the gains of ERM, benefits of the regulatory policy on risk management may be realised in the long run. Result also shows that ERM enhances long-term performance, connoting that effective risk management could serve as a competitive strategy for surviving turbulence that typically characterises the banking sector.Practical implicationsThe emergence of level of capitalisation, scope of operation, systemic importance and size as determinants of ERM provides empirical evidence to support the practice of reviewing the capital requirements for banking business from time to time by regulatory authorities (i.e. recapitalisation policy) as a strategy for managing systemic risk. Top management of banks may consider instituting mechanisms that will ensure risk management is given prominence. A proactive approach must be taken to convert risks to opportunities by banks and other financial institutions, going forward, to cope with the vicissitudes of financial intermediation.Originality/valueThe originality of the study stems from the consideration that it provides some new insights into the impact of ERM on banks long-term sustainability in a developing country. The study also contributes to knowledge by exposing the factors determining the robustness of risk management practice. The study developed a checklist for assessing ERM practice from annual reports and other risk management disclosure documents. The paper also adds to the scarce literature on risk governance and risk management.

Analysis of enterprise risk management practices in Malaysian waqf institutions

PurposeThis study aims to assess enterprise risk management (ERM) practices in waqf institutions (WIs) along with their strengths and weaknesses; highlight ERM trends in WIs; and determine the best ERM practices for these institutions.Design/methodology/approachData were collected via structured interviews with nine WI managers in Malaysia. A standardised questionnaire was adopted for the interviews, which focussed on ERM implementation in WIs. The collected data were analysed in three steps, namely, data reduction, data display and verification/conclusion. The frequency distribution of these data were then illustrated and the mean values and differences of the studied groups/variables were examined.FindingsWIs have a sub-optimal ERM implementation, whose aspects need to be improved over time. These institutions have focussed on their ERM practices at the strategic level yet ignored those at the operational level. Specifically, WI officers have well-defined internal environments and objectives, but risk monitoring, which ensures effective implementation of ERM, is lacking. The presence of risk management committees and units may be linked with the successful implementation of ERM. However, ERM knowledge and top management support do not show clearly associations with ERM implementation. WIs should focus on improving their ERM implementation governance.Research limitations/implicationsFindings underscore the need for WIs to launch a formal ERM programme and for relevant stakeholders to create the appropriate infrastructures that support ERM implementation, including amended rules, ERM policies and allocated funds for training and education, to promote ERM implementation knowledge and awareness. The successful implementation of ERM not only improves the service quality, sustainability and performance of WIs but also promotes the national waqf agenda as a key economic driver.Originality/valueERM in non-profit organisations, such as WIs, has received limited research attention relative to that in profit-driven organisations despite having unique risks. To the best of the knowledge, this study is the first to identify those trends that explain ERM practices and to determine the ERM best practices of WIs.

The History of Enterprise Risk Management at Hydro One Inc.

Hydro One Inc. is widely regarded as having had one of the most successful implementations of enterprise risk management (ERM). The purpose of this article is to record the history of this successful implementation so that it will benefit other companies and organizations who are at the beginning or in the early part of their ERM journey. In this article, we delve deeper into the dynamics at work and the steps involved in the implementation of ERM. This article is an interview by Betty Simkins with John Fraser and Rob Quail so as to record the challenges, successes, and methods used at Hydro One. This article covers the period from 1999 to when John Fraser left the ERM function in 2014 but many of the processes they implemented have continued to the date of writing (2021). This article should also be of interest to academic researchers who seek to understand why some ERM implementations succeed while other flounder or fail to achieve their objectives.

Competitive strategies-performance nexus and the mediating role of enterprise risk management practices: a multi-group analysis for fully fledged Islamic banks and conventional banks with Islamic window in Pakistan

PurposeThis paper aims to investigate whether the effect of competitive strategies on the performance is significantly different for fully fledged Islamic banks vis-a-vis conventional banks with Islamic window. Specifically, two competitive strategies namely the low-cost strategy and the differentiation strategy were considered. In addition, we examined further the competitive strategies–performance nexus by introducing enterprise risk management as a mediating factor.Design/methodology/approachThis study used structured questionnaires to collect data from 506 respondents (251 from fully fledged Islamic banks and 255 from conventional banks with Islamic window). A disjoint two-stage approach was employed to analyze a hierarchical component model. Construct Level Correction and Measured Latent Marker Variable approaches were employed to assess the common method variance. As a robustness check, two-stage approach was used to explore the curvilinear relationship, and the Gaussian copula approach was adopted to address the endogeneity issue.FindingsThe findings show the evidence of complementary partial mediation in the relationships between low-cost strategy, differentiation strategy, and performance through enterprise risk management practices in both types of banks.Practical implicationsCompetitive strategies are essential as they send signals to owners, managers, policymakers, and regulatory authorities. On the one hand, fully fledged Islamic banks face dual competition from pure conventional counterparts as well as conventional banks with Islamic window. On the other hand, Islamic window banks also face strong competition from the fully fledged Islamic banks due to their strong Shariah roots. Hence, this competitive pressure on both types of banks calls for more attention to focus on competitive strategies and enterprise risk management practices to accelerate their performance and overcome the bank risk. Moreover, these competitive strategies can be used as a tool to enter into a new market by reducing costs and risks. Besides, banks cannot achieve a competitive advantage without implementing enterprise risk management practices because competitive strategies are significant antecedents of enterprise risk management practices. Therefore, this study recommends both types of banks to focus on enterprise risk management practices to make these strategies successful.Originality/valueTo the best of our knowledge, this is the first study to examine the competitive strategies–performance nexus and the mediating role of enterprise risk management practices in an unexplored area of Islamic banking.

ORGANIZATION OF RISK-MANAGEMENT IN EQUINOR ASA

The article reveals modern approaches to enterprise risk management based on the introduction of ERM (enterprise risk management) system, aimed at the integration of all types of risks in the company's strategy and the transition from protection from negative situations to the concept of risk appetite. The special importance of risk management for oil and gas companies in the conditions of global instability and high price volatility is emphasized. The author analyzes the experience of the Norwegian oil and gas company Equinor in the development and implementation of ERM, changes in the organization of risk management and methods of analysis and evaluation.