Risk management model
Under traditional risk management models, the process is fragmented, risk is viewed as a negative, something to be avoided, reactive and ad hoc behavior is accepted, and the risk management activity is transaction oriented (or cost based), narrowly focused and functionally-driven.
Under ERM, as defined by COSO, the process is integrated, risk is also viewed as a positive recognizing that successful companies must take on risks when seizing opportunities, proactive behavior is expected, and the risk management activity is strategic (or value-based), broadly focused and process-driven.
The traditional model is focused on managing uncertainties around physical and financial assets. ERM is focused on the enterprise’s entire asset portfolio, including its intangible assets such as its customer assets, its employee and supplier assets, and such organizational assets as its differentiating strategies, distinctive brands, innovative processes and proprietary systems.
Very few companies have implemented a truly enterprisewide approach in all aspects of the business. Companies at the early stages of developing their ERM infrastructure often lay a foundation with a common language, a risk management oversight structure and an enterprisewide risk assessment process.
A few companies have evolved toward more advanced stages, such as institutions in the financial services industry managing market and credit risks.
Some companies apply ERM in specific units, such as in a trading unit’s management of commodity price risk on an enterprise wide basis.
Traditional risk management model compare differently with ERM