
Setting up Enterprise Risk Governance

  • Stefan Hunziker
Chapter

Abstract

So far, we have discussed the relevance of ERM, the challenges with cognitive and motivational biases and how the ERM process can add value to the company. This chapter covers relevant topics for setting up adequate risk governance within the company. Sound enterprise risk governance serves as an important basis for implementing an effective ERM process. The chapter addresses external factors influencing the set-up of ERM, such as corporate governance codes, ERM frameworks, norms and legal requirements. Additionally, internal aspects, such as the corporate risk culture and the definition of roles and responsibilities, may play a major role in the effectiveness of ERM.

Copyright information

© Springer Fachmedien Wiesbaden GmbH, part of Springer Nature 2019

Authors and Affiliations

  1. Rotkreuz, Switzerland
