Implementing Enterprise Risk Management
From Methods to Applications
Published on 9. March 2017
432 pages
978-1-118-22156-3 (ISBN)
Description
A practical, real-world guide for implementing enterprise risk management (ERM) programs into your organization
Enterprise risk management (ERM) is a complex yet critical issue that all companies must deal with in the twenty-first century. Failure to properly manage risk continues to plague corporations around the world. ERM empowers risk professionals to balance risks with rewards and balance people with processes.
But to master the numerous aspects of enterprise risk management, you must integrate it into the culture and operations of the business. No one knows this better than risk management expert James Lam, and now, with Implementing Enterprise Risk Management: From Methods to Applications, he distills more than thirty years' worth of experience in the field to give risk professionals a clear understanding of how to implement an enterprise risk management program for every business.
* Offers valuable insights on solving real-world business problems using ERM
* Effectively addresses how to develop specific ERM tools
* Contains a significant number of case studies to help with practical implementation of an ERM program
While Enterprise Risk Management: From Incentives to Controls, Second Edition focuses on the "what" of ERM, Implementing Enterprise Risk Management: From Methods to Applications will help you focus on the "how." Together, these two resources can help you meet the enterprise-wide risk management challenge head on--and succeed.
More details
Other editions
New editions
John Fraser | Betty Simkins | Kristina Narvaez
Implementing Enterprise Risk Management
Case Studies and Best Practices
E-Book
10/2014
Wiley
€85.99
Available for download
Additional editions
Book
05/2017
Wiley
€98.00
Shipment within 10-20 days
Person
JAMES LAM is president of James Lam & Associates, a risk management consulting firm. He serves on the board of directors of E*TRADE Financial and chairs the Risk Oversight Committee. An NACD Board Leadership Fellow, he is author of the bestselling risk management title, Enterprise Risk Management.
Content
1 - Cover???????????????????????? [Seite 1]
2 - Title Page?????????????????????????????????? [Seite 5]
3 - Copyright???????????????????????????????? [Seite 6]
4 - Contents?????????????????????????????? [Seite 9]
5 - Preface???????????????????????????? [Seite 15]
6 - Acknowledgments???????????????????????????????????????????? [Seite 21]
7 - Part One: ERM in Context [Seite 25]
7.1 - Chapter 1: Fundamental Concepts and Current State???????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 27]
7.1.1 - Introduction?????????????????????????????????????? [Seite 27]
7.1.2 - What Is Risk????????????????????????????????????????? [Seite 28]
7.1.3 - What Does Risk Look Like????????????????????????????????????????????????????????????????? [Seite 32]
7.1.4 - Enterprise Risk Management (ERM)?????????????????????????????????????????????????????????????????????????????? [Seite 35]
7.1.5 - The Case for ERM?????????????????????????????????????????????? [Seite 37]
7.1.6 - Where ERM Is Now?????????????????????????????????????????????? [Seite 42]
7.1.7 - Where ERM Is Headed???????????????????????????????????????????????????? [Seite 43]
7.1.8 - Notes [Seite 44]
7.2 - Chapter 2: Key Trends and Developments?????????????????????????????????????????????????????????????????????????????????????????? [Seite 45]
7.2.1 - Introduction?????????????????????????????????????? [Seite 45]
7.2.2 - Lessons Learned from the Financial Crisis???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 45]
7.2.3 - The Wheel of Misfortune Revisited???????????????????????????????????????????????????????????????????????????????? [Seite 50]
7.2.4 - Global Adoption???????????????????????????????????????????? [Seite 58]
7.2.5 - Notes???????????????????????? [Seite 61]
7.3 - Chapter 3: Performance-Based Continuous ERM???????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 65]
7.3.1 - Introduction?????????????????????????????????????? [Seite 65]
7.3.2 - Phase Three: Creating Shareholder Value???????????????????????????????????????????????????????????????????????????????????????????? [Seite 67]
7.3.3 - Performance-Based Continuous ERM?????????????????????????????????????????????????????????????????????????????? [Seite 68]
7.3.4 - Case Study: Legacy Technology???????????????????????????????????????????????????????????????????????? [Seite 80]
7.3.5 - Notes???????????????????????? [Seite 83]
7.4 - Chapter 4: Stakeholder Requirements???????????????????????????????????????????????????????????????????????????????????? [Seite 85]
7.4.1 - Introduction?????????????????????????????????????? [Seite 85]
7.4.2 - Stakeholders Defined?????????????????????????????????????????????????????? [Seite 86]
7.4.3 - Managing Stakeholder Value with ERM???????????????????????????????????????????????????????????????????????????????????? [Seite 103]
7.4.4 - Implementing a Stakeholder Management Program???????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 104]
7.4.5 - Appendix A: Reputational Risk Policy?????????????????????????????????????????????????????????????????????????????????????? [Seite 107]
7.4.6 - Notes???????????????????????? [Seite 111]
8 - Part Two: Implementing an ERM Program [Seite 115]
8.1 - Chapter 5: The ERM Project?????????????????????????????????????????????????????????????????? [Seite 117]
8.1.1 - Introduction?????????????????????????????????????? [Seite 117]
8.1.2 - Barriers to Change?????????????????????????????????????????????????? [Seite 117]
8.1.3 - Establish the Vision?????????????????????????????????????????????????????? [Seite 119]
8.1.4 - Obtain Buy-In from Internal Stakeholders?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 121]
8.1.5 - Assess Current Capabilities against Best Practices?????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 124]
8.1.6 - Develop a Roadmap???????????????????????????????????????????????? [Seite 128]
8.1.7 - Appendix A: ERM Maturity Model?????????????????????????????????????????????????????????????????????????? [Seite 132]
8.1.8 - Appendix B: Practical Plan for ERM Program Implementation???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 135]
8.2 - Chapter 6: Risk Culture???????????????????????????????????????????????????????????? [Seite 139]
8.2.1 - Introduction?????????????????????????????????????? [Seite 139]
8.2.2 - Risk Culture Success Factors?????????????????????????????????????????????????????????????????????? [Seite 141]
8.2.3 - Best Practice: Risk Escalation?????????????????????????????????????????????????????????????????????????? [Seite 154]
8.2.4 - Conclusion?????????????????????????????????? [Seite 154]
8.2.5 - Notes [Seite 155]
8.3 - Chapter 7: The ERM Framework?????????????????????????????????????????????????????????????????????? [Seite 156]
8.3.1 - Introduction?????????????????????????????????????? [Seite 156]
8.3.2 - The Need for an ERM Framework???????????????????????????????????????????????????????????????????????? [Seite 156]
8.3.3 - ERM Framework Criteria?????????????????????????????????????????????????????????? [Seite 160]
8.3.4 - Current ERM Frameworks?????????????????????????????????????????????????????????? [Seite 162]
8.3.5 - An Update: The Continuous ERM Model???????????????????????????????????????????????????????????????????????????????????? [Seite 169]
8.3.6 - Developing a Framework?????????????????????????????????????????????????????????? [Seite 174]
8.3.7 - Conclusion?????????????????????????????????? [Seite 177]
8.3.8 - Notes???????????????????????? [Seite 177]
9 - Part Three: Governance Structure and Policies [Seite 179]
9.1 - Chapter 8: The Three Lines of Defense???????????????????????????????????????????????????????????????????????????????????????? [Seite 181]
9.1.1 - Introduction?????????????????????????????????????? [Seite 181]
9.1.2 - COSO's Three Lines of Defense???????????????????????????????????????????????????????????????????????? [Seite 182]
9.1.3 - Problems with This Structure?????????????????????????????????????????????????????????????????????? [Seite 184]
9.1.4 - The Three Lines of Defense Revisited?????????????????????????????????????????????????????????????????????????????????????? [Seite 188]
9.1.5 - Bringing It All Together: How the Three Lines Work in Concert???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 196]
9.1.6 - Conclusion?????????????????????????????????? [Seite 197]
9.1.7 - Notes???????????????????????? [Seite 197]
9.2 - Chapter 9: Role of the Board?????????????????????????????????????????????????????????????????????? [Seite 199]
9.2.1 - Introduction?????????????????????????????????????? [Seite 199]
9.2.2 - Regulatory Requirements???????????????????????????????????????????????????????????? [Seite 200]
9.2.3 - Current Board Practices???????????????????????????????????????????????????????????? [Seite 203]
9.2.4 - Case Study: Satyam?????????????????????????????????????????????????? [Seite 204]
9.2.5 - Three Levers for ERM Oversight?????????????????????????????????????????????????????????????????????????? [Seite 205]
9.2.6 - Conclusion?????????????????????????????????? [Seite 213]
9.2.7 - Notes???????????????????????? [Seite 213]
9.3 - Chapter 10: The View from the Risk Chair?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 215]
9.3.1 - Introduction?????????????????????????????????????? [Seite 215]
9.3.2 - Turnaround Story?????????????????????????????????????????????? [Seite 215]
9.3.3 - The GPA Model in Action???????????????????????????????????????????????????????????? [Seite 216]
9.3.4 - Top Priorities for the Risk Oversight Committee???????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 216]
9.3.5 - Conclusion?????????????????????????????????? [Seite 220]
9.3.6 - Notes???????????????????????? [Seite 221]
9.4 - Chapter 11: Rise of the CRO???????????????????????????????????????????????????????????????????? [Seite 222]
9.4.1 - Introduction?????????????????????????????????????? [Seite 222]
9.4.2 - History and Rise of the CRO???????????????????????????????????????????????????????????????????? [Seite 223]
9.4.3 - A CRO's Career Path???????????????????????????????????????????????????? [Seite 225]
9.4.4 - The CRO's Role?????????????????????????????????????????? [Seite 226]
9.4.5 - Hiring a CRO?????????????????????????????????????? [Seite 230]
9.4.6 - A CRO's Progress?????????????????????????????????????????????? [Seite 232]
9.4.7 - Chief Risk Officer Profiles???????????????????????????????????????????????????????????????????? [Seite 236]
9.4.8 - Notes???????????????????????? [Seite 249]
9.5 - Chapter 12: Risk Appetite Statement???????????????????????????????????????????????????????????????????????????????????? [Seite 251]
9.5.1 - Introduction?????????????????????????????????????? [Seite 251]
9.5.2 - Requirements of a Risk Appetite Statement???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 252]
9.5.3 - Developing a Risk Appetite Statement?????????????????????????????????????????????????????????????????????????????????????? [Seite 257]
9.5.4 - Roles and Responsibilities?????????????????????????????????????????????????????????????????? [Seite 263]
9.5.5 - Monitoring and Reporting?????????????????????????????????????????????????????????????? [Seite 266]
9.5.6 - Examples of Risk Appetite Statements and Metrics?????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 270]
9.5.7 - Notes???????????????????????? [Seite 274]
10 - Part Four: Risk Assessment and Quantification [Seite 277]
10.1 - Chapter 13: Risk Control Self-Assessments???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 279]
10.1.1 - Introduction?????????????????????????????????????? [Seite 279]
10.1.2 - Risk Assessment: An Overview?????????????????????????????????????????????????????????????????????? [Seite 279]
10.1.3 - RCSA Methodology?????????????????????????????????????????????? [Seite 280]
10.1.4 - Phase 1: Setting the Foundation???????????????????????????????????????????????????????????????????????????? [Seite 283]
10.1.5 - Phase 2: Risk Identification, Assessment, and Prioritization?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 286]
10.1.6 - Phase 3: Deep Dives, Risk Quantification, and Management?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 291]
10.1.7 - Phase 4: Business and ERM Integration???????????????????????????????????????????????????????????????????????????????????????? [Seite 294]
10.1.8 - ERM and Internal Audit Collaboration?????????????????????????????????????????????????????????????????????????????????????? [Seite 296]
10.1.9 - Notes???????????????????????? [Seite 297]
10.2 - Chapter 14: Risk Quantification Models?????????????????????????????????????????????????????????????????????????????????????????? [Seite 298]
10.2.1 - Introduction?????????????????????????????????????? [Seite 298]
10.2.2 - Market Risk Models?????????????????????????????????????????????????? [Seite 299]
10.2.3 - Credit Risk Models?????????????????????????????????????????????????? [Seite 302]
10.2.4 - Operational Risk Models???????????????????????????????????????????????????????????? [Seite 305]
10.2.5 - Model Risk Management???????????????????????????????????????????????????????? [Seite 307]
10.2.6 - The Loss/Event Database???????????????????????????????????????????????????????????? [Seite 312]
10.2.7 - Early Warning Indicators?????????????????????????????????????????????????????????????? [Seite 313]
10.2.8 - Model Risk Case Study: AIG?????????????????????????????????????????????????????????????????? [Seite 313]
10.2.9 - Notes???????????????????????? [Seite 314]
11 - Part Five: Risk Management [Seite 317]
11.1 - Chapter 15: Strategic Risk Management???????????????????????????????????????????????????????????????????????????????????????? [Seite 319]
11.1.1 - Introduction?????????????????????????????????????? [Seite 319]
11.1.2 - The Importance of Strategic Risk?????????????????????????????????????????????????????????????????????????????? [Seite 320]
11.1.3 - Measuring Strategic Risk?????????????????????????????????????????????????????????????? [Seite 323]
11.1.4 - Managing Strategic Risk???????????????????????????????????????????????????????????? [Seite 325]
11.1.5 - Appendix A: Strategic Risk Models???????????????????????????????????????????????????????????????????????????????? [Seite 334]
11.1.6 - Notes???????????????????????? [Seite 336]
11.2 - Chapter 16: Risk-Based Performance Management???????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 338]
11.2.1 - Introduction?????????????????????????????????????? [Seite 338]
11.2.2 - Performance Management and Risk???????????????????????????????????????????????????????????????????????????? [Seite 340]
11.2.3 - Performance Management and Capital?????????????????????????????????????????????????????????????????????????????????? [Seite 341]
11.2.4 - Performance Management and Value Creation???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 343]
11.2.5 - Summary???????????????????????????? [Seite 347]
11.2.6 - Notes???????????????????????? [Seite 348]
12 - Part Six: Risk Monitoring and Reporting [Seite 349]
12.1 - Chapter 17: Integration of KPIs and KRIs?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 351]
12.1.1 - Introduction?????????????????????????????????????? [Seite 351]
12.1.2 - What Is an Indicator????????????????????????????????????????????????????????? [Seite 351]
12.1.3 - Using Key Performance Indicators?????????????????????????????????????????????????????????????????????????????? [Seite 353]
12.1.4 - Building Key Risk Indicators?????????????????????????????????????????????????????????????????????? [Seite 354]
12.1.5 - KPI and KRI Program Implementation?????????????????????????????????????????????????????????????????????????????????? [Seite 359]
12.1.6 - Best Practices?????????????????????????????????????????? [Seite 361]
12.1.7 - Conclusion?????????????????????????????????? [Seite 362]
12.1.8 - Notes???????????????????????? [Seite 363]
12.2 - Chapter 18: ERM Dashboard Reporting???????????????????????????????????????????????????????????????????????????????????? [Seite 364]
12.2.1 - Introduction?????????????????????????????????????? [Seite 364]
12.2.2 - Traditional Risk Reporting vs. ERM Dashboard Reporting?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 368]
12.2.3 - General Dashboard Requirements?????????????????????????????????????????????????????????????????????????? [Seite 372]
12.2.4 - Implementing ERM Dashboards???????????????????????????????????????????????????????????????????? [Seite 375]
12.2.5 - Avoid Common Mistakes???????????????????????????????????????????????????????? [Seite 381]
12.2.6 - Best Practices?????????????????????????????????????????? [Seite 382]
12.2.7 - Notes???????????????????????? [Seite 385]
12.3 - Chapter 19: Feedback Loops?????????????????????????????????????????????????????????????????? [Seite 386]
12.3.1 - Introduction?????????????????????????????????????? [Seite 386]
12.3.2 - What Is a Feedback Loop??????????????????????????????????????????????????????????????? [Seite 387]
12.3.3 - Examples of Feedback Loops?????????????????????????????????????????????????????????????????? [Seite 388]
12.3.4 - ERM Performance Feedback Loop???????????????????????????????????????????????????????????????????????? [Seite 390]
12.3.5 - Measuring Success with the ERM Scorecard?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 392]
12.3.6 - Notes???????????????????????? [Seite 395]
13 - Part Seven: Other ERM Resources [Seite 397]
13.1 - Chapter 20: Additional ERM Templates and Outlines???????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 399]
13.1.1 - Introduction?????????????????????????????????????? [Seite 399]
13.1.2 - Strategic Risk Assessment???????????????????????????????????????????????????????????????? [Seite 399]
13.1.3 - CRO Report to the Risk Committee?????????????????????????????????????????????????????????????????????????????? [Seite 400]
13.1.4 - Cybersecurity Risk Appetite and Metrics???????????????????????????????????????????????????????????????????????????????????????????? [Seite 402]
13.1.5 - Model Risk Policy???????????????????????????????????????????????? [Seite 404]
13.1.6 - Risk Escalation Policy?????????????????????????????????????????????????????????? [Seite 406]
13.1.7 - Notes???????????????????????? [Seite 409]
14 - About the Author?????????????????????????????????????????????? [Seite 410]
15 - Index???????????????????????? [Seite 411]
16 - EULA [Seite 430]
2 - Title Page?????????????????????????????????? [Seite 5]
3 - Copyright???????????????????????????????? [Seite 6]
4 - Contents?????????????????????????????? [Seite 9]
5 - Preface???????????????????????????? [Seite 15]
6 - Acknowledgments???????????????????????????????????????????? [Seite 21]
7 - Part One: ERM in Context [Seite 25]
7.1 - Chapter 1: Fundamental Concepts and Current State???????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 27]
7.1.1 - Introduction?????????????????????????????????????? [Seite 27]
7.1.2 - What Is Risk????????????????????????????????????????? [Seite 28]
7.1.3 - What Does Risk Look Like????????????????????????????????????????????????????????????????? [Seite 32]
7.1.4 - Enterprise Risk Management (ERM)?????????????????????????????????????????????????????????????????????????????? [Seite 35]
7.1.5 - The Case for ERM?????????????????????????????????????????????? [Seite 37]
7.1.6 - Where ERM Is Now?????????????????????????????????????????????? [Seite 42]
7.1.7 - Where ERM Is Headed???????????????????????????????????????????????????? [Seite 43]
7.1.8 - Notes [Seite 44]
7.2 - Chapter 2: Key Trends and Developments?????????????????????????????????????????????????????????????????????????????????????????? [Seite 45]
7.2.1 - Introduction?????????????????????????????????????? [Seite 45]
7.2.2 - Lessons Learned from the Financial Crisis???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 45]
7.2.3 - The Wheel of Misfortune Revisited???????????????????????????????????????????????????????????????????????????????? [Seite 50]
7.2.4 - Global Adoption???????????????????????????????????????????? [Seite 58]
7.2.5 - Notes???????????????????????? [Seite 61]
7.3 - Chapter 3: Performance-Based Continuous ERM???????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 65]
7.3.1 - Introduction?????????????????????????????????????? [Seite 65]
7.3.2 - Phase Three: Creating Shareholder Value???????????????????????????????????????????????????????????????????????????????????????????? [Seite 67]
7.3.3 - Performance-Based Continuous ERM?????????????????????????????????????????????????????????????????????????????? [Seite 68]
7.3.4 - Case Study: Legacy Technology???????????????????????????????????????????????????????????????????????? [Seite 80]
7.3.5 - Notes???????????????????????? [Seite 83]
7.4 - Chapter 4: Stakeholder Requirements???????????????????????????????????????????????????????????????????????????????????? [Seite 85]
7.4.1 - Introduction?????????????????????????????????????? [Seite 85]
7.4.2 - Stakeholders Defined?????????????????????????????????????????????????????? [Seite 86]
7.4.3 - Managing Stakeholder Value with ERM???????????????????????????????????????????????????????????????????????????????????? [Seite 103]
7.4.4 - Implementing a Stakeholder Management Program???????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 104]
7.4.5 - Appendix A: Reputational Risk Policy?????????????????????????????????????????????????????????????????????????????????????? [Seite 107]
7.4.6 - Notes???????????????????????? [Seite 111]
8 - Part Two: Implementing an ERM Program [Seite 115]
8.1 - Chapter 5: The ERM Project?????????????????????????????????????????????????????????????????? [Seite 117]
8.1.1 - Introduction?????????????????????????????????????? [Seite 117]
8.1.2 - Barriers to Change?????????????????????????????????????????????????? [Seite 117]
8.1.3 - Establish the Vision?????????????????????????????????????????????????????? [Seite 119]
8.1.4 - Obtain Buy-In from Internal Stakeholders?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 121]
8.1.5 - Assess Current Capabilities against Best Practices?????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 124]
8.1.6 - Develop a Roadmap???????????????????????????????????????????????? [Seite 128]
8.1.7 - Appendix A: ERM Maturity Model?????????????????????????????????????????????????????????????????????????? [Seite 132]
8.1.8 - Appendix B: Practical Plan for ERM Program Implementation???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 135]
8.2 - Chapter 6: Risk Culture???????????????????????????????????????????????????????????? [Seite 139]
8.2.1 - Introduction?????????????????????????????????????? [Seite 139]
8.2.2 - Risk Culture Success Factors?????????????????????????????????????????????????????????????????????? [Seite 141]
8.2.3 - Best Practice: Risk Escalation?????????????????????????????????????????????????????????????????????????? [Seite 154]
8.2.4 - Conclusion?????????????????????????????????? [Seite 154]
8.2.5 - Notes [Seite 155]
8.3 - Chapter 7: The ERM Framework?????????????????????????????????????????????????????????????????????? [Seite 156]
8.3.1 - Introduction?????????????????????????????????????? [Seite 156]
8.3.2 - The Need for an ERM Framework???????????????????????????????????????????????????????????????????????? [Seite 156]
8.3.3 - ERM Framework Criteria?????????????????????????????????????????????????????????? [Seite 160]
8.3.4 - Current ERM Frameworks?????????????????????????????????????????????????????????? [Seite 162]
8.3.5 - An Update: The Continuous ERM Model???????????????????????????????????????????????????????????????????????????????????? [Seite 169]
8.3.6 - Developing a Framework?????????????????????????????????????????????????????????? [Seite 174]
8.3.7 - Conclusion?????????????????????????????????? [Seite 177]
8.3.8 - Notes???????????????????????? [Seite 177]
9 - Part Three: Governance Structure and Policies [Seite 179]
9.1 - Chapter 8: The Three Lines of Defense???????????????????????????????????????????????????????????????????????????????????????? [Seite 181]
9.1.1 - Introduction?????????????????????????????????????? [Seite 181]
9.1.2 - COSO's Three Lines of Defense???????????????????????????????????????????????????????????????????????? [Seite 182]
9.1.3 - Problems with This Structure?????????????????????????????????????????????????????????????????????? [Seite 184]
9.1.4 - The Three Lines of Defense Revisited?????????????????????????????????????????????????????????????????????????????????????? [Seite 188]
9.1.5 - Bringing It All Together: How the Three Lines Work in Concert???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 196]
9.1.6 - Conclusion?????????????????????????????????? [Seite 197]
9.1.7 - Notes???????????????????????? [Seite 197]
9.2 - Chapter 9: Role of the Board?????????????????????????????????????????????????????????????????????? [Seite 199]
9.2.1 - Introduction?????????????????????????????????????? [Seite 199]
9.2.2 - Regulatory Requirements???????????????????????????????????????????????????????????? [Seite 200]
9.2.3 - Current Board Practices???????????????????????????????????????????????????????????? [Seite 203]
9.2.4 - Case Study: Satyam?????????????????????????????????????????????????? [Seite 204]
9.2.5 - Three Levers for ERM Oversight?????????????????????????????????????????????????????????????????????????? [Seite 205]
9.2.6 - Conclusion?????????????????????????????????? [Seite 213]
9.2.7 - Notes???????????????????????? [Seite 213]
9.3 - Chapter 10: The View from the Risk Chair?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 215]
9.3.1 - Introduction?????????????????????????????????????? [Seite 215]
9.3.2 - Turnaround Story?????????????????????????????????????????????? [Seite 215]
9.3.3 - The GPA Model in Action???????????????????????????????????????????????????????????? [Seite 216]
9.3.4 - Top Priorities for the Risk Oversight Committee???????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 216]
9.3.5 - Conclusion?????????????????????????????????? [Seite 220]
9.3.6 - Notes???????????????????????? [Seite 221]
9.4 - Chapter 11: Rise of the CRO???????????????????????????????????????????????????????????????????? [Seite 222]
9.4.1 - Introduction?????????????????????????????????????? [Seite 222]
9.4.2 - History and Rise of the CRO???????????????????????????????????????????????????????????????????? [Seite 223]
9.4.3 - A CRO's Career Path???????????????????????????????????????????????????? [Seite 225]
9.4.4 - The CRO's Role?????????????????????????????????????????? [Seite 226]
9.4.5 - Hiring a CRO?????????????????????????????????????? [Seite 230]
9.4.6 - A CRO's Progress?????????????????????????????????????????????? [Seite 232]
9.4.7 - Chief Risk Officer Profiles???????????????????????????????????????????????????????????????????? [Seite 236]
9.4.8 - Notes???????????????????????? [Seite 249]
9.5 - Chapter 12: Risk Appetite Statement???????????????????????????????????????????????????????????????????????????????????? [Seite 251]
9.5.1 - Introduction?????????????????????????????????????? [Seite 251]
9.5.2 - Requirements of a Risk Appetite Statement???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 252]
9.5.3 - Developing a Risk Appetite Statement?????????????????????????????????????????????????????????????????????????????????????? [Seite 257]
9.5.4 - Roles and Responsibilities?????????????????????????????????????????????????????????????????? [Seite 263]
9.5.5 - Monitoring and Reporting?????????????????????????????????????????????????????????????? [Seite 266]
9.5.6 - Examples of Risk Appetite Statements and Metrics?????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 270]
9.5.7 - Notes???????????????????????? [Seite 274]
10 - Part Four: Risk Assessment and Quantification [Seite 277]
10.1 - Chapter 13: Risk Control Self-Assessments???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 279]
10.1.1 - Introduction?????????????????????????????????????? [Seite 279]
10.1.2 - Risk Assessment: An Overview?????????????????????????????????????????????????????????????????????? [Seite 279]
10.1.3 - RCSA Methodology?????????????????????????????????????????????? [Seite 280]
10.1.4 - Phase 1: Setting the Foundation???????????????????????????????????????????????????????????????????????????? [Seite 283]
10.1.5 - Phase 2: Risk Identification, Assessment, and Prioritization?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 286]
10.1.6 - Phase 3: Deep Dives, Risk Quantification, and Management?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 291]
10.1.7 - Phase 4: Business and ERM Integration???????????????????????????????????????????????????????????????????????????????????????? [Seite 294]
10.1.8 - ERM and Internal Audit Collaboration?????????????????????????????????????????????????????????????????????????????????????? [Seite 296]
10.1.9 - Notes???????????????????????? [Seite 297]
10.2 - Chapter 14: Risk Quantification Models?????????????????????????????????????????????????????????????????????????????????????????? [Seite 298]
10.2.1 - Introduction?????????????????????????????????????? [Seite 298]
10.2.2 - Market Risk Models?????????????????????????????????????????????????? [Seite 299]
10.2.3 - Credit Risk Models?????????????????????????????????????????????????? [Seite 302]
10.2.4 - Operational Risk Models???????????????????????????????????????????????????????????? [Seite 305]
10.2.5 - Model Risk Management???????????????????????????????????????????????????????? [Seite 307]
10.2.6 - The Loss/Event Database???????????????????????????????????????????????????????????? [Seite 312]
10.2.7 - Early Warning Indicators?????????????????????????????????????????????????????????????? [Seite 313]
10.2.8 - Model Risk Case Study: AIG?????????????????????????????????????????????????????????????????? [Seite 313]
10.2.9 - Notes???????????????????????? [Seite 314]
11 - Part Five: Risk Management [Seite 317]
11.1 - Chapter 15: Strategic Risk Management???????????????????????????????????????????????????????????????????????????????????????? [Seite 319]
11.1.1 - Introduction?????????????????????????????????????? [Seite 319]
11.1.2 - The Importance of Strategic Risk?????????????????????????????????????????????????????????????????????????????? [Seite 320]
11.1.3 - Measuring Strategic Risk?????????????????????????????????????????????????????????????? [Seite 323]
11.1.4 - Managing Strategic Risk???????????????????????????????????????????????????????????? [Seite 325]
11.1.5 - Appendix A: Strategic Risk Models???????????????????????????????????????????????????????????????????????????????? [Seite 334]
11.1.6 - Notes???????????????????????? [Seite 336]
11.2 - Chapter 16: Risk-Based Performance Management???????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 338]
11.2.1 - Introduction?????????????????????????????????????? [Seite 338]
11.2.2 - Performance Management and Risk???????????????????????????????????????????????????????????????????????????? [Seite 340]
11.2.3 - Performance Management and Capital?????????????????????????????????????????????????????????????????????????????????? [Seite 341]
11.2.4 - Performance Management and Value Creation???????????????????????????????????????????????????????????????????????????????????????????????? [Seite 343]
11.2.5 - Summary???????????????????????????? [Seite 347]
11.2.6 - Notes???????????????????????? [Seite 348]
12 - Part Six: Risk Monitoring and Reporting [Seite 349]
12.1 - Chapter 17: Integration of KPIs and KRIs?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 351]
12.1.1 - Introduction?????????????????????????????????????? [Seite 351]
12.1.2 - What Is an Indicator????????????????????????????????????????????????????????? [Seite 351]
12.1.3 - Using Key Performance Indicators?????????????????????????????????????????????????????????????????????????????? [Seite 353]
12.1.4 - Building Key Risk Indicators?????????????????????????????????????????????????????????????????????? [Seite 354]
12.1.5 - KPI and KRI Program Implementation?????????????????????????????????????????????????????????????????????????????????? [Seite 359]
12.1.6 - Best Practices?????????????????????????????????????????? [Seite 361]
12.1.7 - Conclusion?????????????????????????????????? [Seite 362]
12.1.8 - Notes???????????????????????? [Seite 363]
12.2 - Chapter 18: ERM Dashboard Reporting???????????????????????????????????????????????????????????????????????????????????? [Seite 364]
12.2.1 - Introduction?????????????????????????????????????? [Seite 364]
12.2.2 - Traditional Risk Reporting vs. ERM Dashboard Reporting?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 368]
12.2.3 - General Dashboard Requirements?????????????????????????????????????????????????????????????????????????? [Seite 372]
12.2.4 - Implementing ERM Dashboards???????????????????????????????????????????????????????????????????? [Seite 375]
12.2.5 - Avoid Common Mistakes???????????????????????????????????????????????????????? [Seite 381]
12.2.6 - Best Practices?????????????????????????????????????????? [Seite 382]
12.2.7 - Notes???????????????????????? [Seite 385]
12.3 - Chapter 19: Feedback Loops?????????????????????????????????????????????????????????????????? [Seite 386]
12.3.1 - Introduction?????????????????????????????????????? [Seite 386]
12.3.2 - What Is a Feedback Loop??????????????????????????????????????????????????????????????? [Seite 387]
12.3.3 - Examples of Feedback Loops?????????????????????????????????????????????????????????????????? [Seite 388]
12.3.4 - ERM Performance Feedback Loop???????????????????????????????????????????????????????????????????????? [Seite 390]
12.3.5 - Measuring Success with the ERM Scorecard?????????????????????????????????????????????????????????????????????????????????????????????? [Seite 392]
12.3.6 - Notes???????????????????????? [Seite 395]
13 - Part Seven: Other ERM Resources [Seite 397]
13.1 - Chapter 20: Additional ERM Templates and Outlines???????????????????????????????????????????????????????????????????????????????????????????????????????????????? [Seite 399]
13.1.1 - Introduction?????????????????????????????????????? [Seite 399]
13.1.2 - Strategic Risk Assessment???????????????????????????????????????????????????????????????? [Seite 399]
13.1.3 - CRO Report to the Risk Committee?????????????????????????????????????????????????????????????????????????????? [Seite 400]
13.1.4 - Cybersecurity Risk Appetite and Metrics???????????????????????????????????????????????????????????????????????????????????????????? [Seite 402]
13.1.5 - Model Risk Policy???????????????????????????????????????????????? [Seite 404]
13.1.6 - Risk Escalation Policy?????????????????????????????????????????????????????????? [Seite 406]
13.1.7 - Notes???????????????????????? [Seite 409]
14 - About the Author?????????????????????????????????????????????? [Seite 410]
15 - Index???????????????????????? [Seite 411]
16 - EULA [Seite 430]
