Enterprise and Supply Risk Management

  • Michael Henke
Part of the International Series in Operations Research & Management Science book series (ISOR, volume 124)

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) introduced the “Enterprise Risk Management (ERM) Framework” in 2004. COSO is an independent private sector initiative that is dedicated to improving the quality of financial reporting through business ethics, effective internal controls, and corporate governance. Since the publication of the COSO report in 1992, its recommendations have become a guideline for the evaluation of internal control systems. During the past decade several companies such as WorldCom, Enron, and Parmalat have experienced significant financial breakdowns. In response, COSO codified the close relationship between monitoring and risk management and further developed the COSO report with the ERM framework. The reliability of reporting was therefore expanded from merely financial reporting to all internal and external company reports in order to improve monitoring. “Business reporting” thus replaces “financial reporting” to better supply shareholders and stakeholders with the information they need. This strategic orientation has been added to the framework as a target category (first dimension of the ERM model; see Fig. 11.1). Furthermore, the framework now includes the necessary components for risk management (second dimension of the ERM model). As a result, the ERM model brings together the topics of both monitoring and risk management systems.

The purpose of this chapter is to introduce and describe the development of an ERM-compliant Supply Risk Management approach and to show how the respective processes can help companies better manage supply (chain) risks. It is also intended to help answer the question of whether ERM is a good starting point for the further development of an integrated and process-oriented Supply Risk Management approach.


Keywords: Risk Management; Corporate Governance; Internal Audit; Supply Management; External Auditor





Copyright information

© Springer Science+Business Media, LLC 2009

Authors and Affiliations

  • Michael Henke
  1. European Business School (EBS), International University Schloss Reichartshausen, Oestrich-Winkel
  2. Supply Management Institute SMI™, Wiesbaden, Germany
