Word of the Day: enterprise risk management (ERM)

Word of the Day Daily updates on the latest technology terms |April 13, 2018

enterprise risk management (ERM) Enterprise risk management (ERM) is the process of planning, organizing, leading, and controlling the activities of an organization in order to minimize the effects of risk on an organization's capital and earnings. Enterprise risk management includes financial, strategic and operational risks, in addition to risks associated with accidental losses. In recent years, external factors have fueled a heightened interest by organizations in ERM. Industry and government regulatory bodies, as well as investors, have begun to scrutinize companies' risk-management policies and procedures and in an increasing number of industries, boards of directors are required to review and report on the adequacy of risk-management processes in the organizations they administer. Organizations can benefit by shifting the corporate culture from one that focuses on meeting IT compliance obligations to one that targets overall risk reduction. Visibility into the overall security posture of the organization is the cornerstone to establishing this new dialogue.   Reducing enterprise risk and developing a common risk management language requires an organization to:   Define scope - identify and prioritize critical business processes and their related risks.   Map risk - determine which threats could jeopardize business objectives or critical strategy and set controls to offset these risks.   Develop an action plan - create a risk treatment plan to identify unacceptable risks and resolve risk gaps.   Automate - use AI technologies to automate inefficient and ineffective manual processes.   Treat, measure and monitor - establish metrics to identify key control deficiencies and evaluate how the enterprise risk management program is progressing, how it varies from policy and the number of risk incidents. Quote of the Day "Risk almost always has two sides. The risk of doing something is often counterbalanced by the risk of not doing it." - Johna Till Johnson   Trending Terms business activity monitoring risk profile risk map risk management enterprise security governance chief risk officer risk assessment framework   Learning Center How cybersecurity risk fits into enterprise risk management Minimize cybersecurity risk by using an ERM framework as a guide, but supplement it with a range of strategies, including insurance and a strategic acceptance of some risk. What are the best risk assessment frameworks? Risk assessment frameworks are an important part of an organization's security program. Expert Mike O. Villegas discusses the best framework options. What's the best risk analysis method for enterprises? Enterprises looking for a risk analysis method have a lot of choices. Here are some of the top risk analysis methodologies in the industry. Information security risk management: Understanding the components Expert Peter Sullivan outlines the components of an information security risk management plan and why it's important for enterprises. What are the benefits of a risk-based framework for security? A risk-based framework can help enterprises effectively manage their cybersecurity program and provides many advantages. Writing for Business The security of clients' personal information is of _______ importance. A. upmost B. utmost Answer   Stay In Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com   Visit the Word of the Day Archives and catch up on what you've missed!   FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.