Assignment

Enterprise Risk Management

Part A

1. ERM is an interlinked process within the enterprise. ERM could effect on entire organization.

ERM aims to set the strategy and views the risk at every level of the enterprise as a whole.

ERM identifies potential risks which could harm the organization to manage and avoid the

risks. Furthermore, it could guarantee the top management to attain the entity’s objectives

which negatively influenced by potential risks.[CITATION ERM \l 1033 ]

Based on the operations and management of an entity, the eight integrated elements of ERM

are developed. ERM requires not only to understand the structure of an organization

internally but also to identify the risk. Thus, these risks can be mitigated.

The COSO ERM framework provides a simple purpose to guide for implementing of REM.

ERM aims to achieve the objectives of an entity with the support of eight integrated

elements.

The eight integrated elements could be viewed as followings;

1. Internal Environment, establishes the risk culture of the entity for the consideration of

potential aspects of entity’s actions which could lead to its risks.

2. Objective Setting, applies the top management for setting its mission by establishing its

risk appetite and tolerance.

3. Event Identification, analyses the list of potential events that affect to attain the objectives

of the organization.

4. Risk Assessment, determines the threat to the organization.

5. Risk Response, are the possible responses to identified risks.

6. Control Activities, are designed to measure the identified risk.

 7. Information and Communication, ensures the right Information to be provided to right

people at the time needed.

8. Monitoring- ensures the control activities as designed, and takes corrective action if

needed.

Therefore, the four categories of objectives is formed the framework of ERM by those

elements. The objectives also linked with the strategic, operations, reporting, and compliance

objectives. [CITATION ERM \l 1033 ] Based on the framework, the management of organizations

examine their portfolio of risks, consider the interrelation of individual risks, and develops an

appropriate risk mitigation approach in line with their long term strategy.

Establishing ERM could determine a risk philosophy, survey risk culture, consider

organizational integrity and ethical values and decide roles and responsibilities.

2. Introduction

In this assignment, a summary of ERM’s concept and the role of Board of Directors and

findings will be also discussed.

Summary of ERM’s Concept

Among the thousands of risk management method, ERM approaches to business risks. ERM

consists of different types of risks such as hazard, financial, operation etc. Hazard risks are

mentioned as fire, liability, business etc. Financial risks refers to potential losses of ups and

downs in financial markets such as liquidity risks and credit risks etc.

Operational risks refers to failure of production, trademark protection etc. Customer

preference, and project completion are included in Strategic risks. ERM considers for these

kind of risks, thus, the COSO (2004) ERM framework was established to examine the Level

of ERM Adoption.
Board of Directors’ Quality

Board size could be seen as two ways which are the directors’ influence on board functioning

and performance of organization. Then, researchers conducted the study on board of directors

who are mostly decision makers by providing group literature and workgroup for

effectiveness of work. There could be effects of board size on board performance. Larger

boards mostly tend to have more problems dealing with low levels of directors’ enthusiastic

participation.

Board is responsible to support of good governance and ERM. Therefore, Boards should

have a positive and productive meeting in which information is key. The quality of the

discussions is also crucial to be an effective board meeting. The characteristic of BOD must

be strong, however discussion should be in a positive climate. The quality of board of

directors’ characteristics towards ERM is measured in this assignment by examining three

quality elements[ CITATION Lev04 \l 1033 ] (1) boards’ structure, (2) boards’ composition and

(3) boards meetings.

Findings

The binary logistic regression model signifies the quality of board of directors influences on

ERM adoption. Then, stepwise logistic regression resulted the board of director is interrelated

with the ERM implementation. Thus, the constructive relationship between quality of board

of directors and level of ERM adoption could be seen. It shows that companies are likely to

implement the effective ERM by having quality board of directors.

Consequently, the implementation of ERM demonstrates the commitment and awareness and

supportive of director that prevents the failure of company’s operation.

Conclusion

In conclusion, the role of quality board of directors and their influence on ERM adoption

could be seen in this assignment. The companies and organizations which would like to adopt

the ERM could be analyze and monitor the potential risks of complex business and consider

how to avoid the analyzed risks and uncertainties with the strong support and effective

management of board of directors.

Part B

1. Introduction

Carrying 239 people, MH370 took off from Kuala Lumpur to Beijing on 8 March and along

its way, apparently disappeared changing from the flight plan and crossing the Indian Ocean.

That tragic event highlights the importance for enterprise risk management plans. Based on

that, the business continuity risks, the problem statement and findings will be thoroughly

discussed.

AS/NZS 4360:2004 Risk Management Process

Risk management AS/NZS 4360:2004 has been introduced as a revision of AS/NZS which is

intended to support organizations to manage the risk. It provides a framework to identify,

analyze, evaluate and monitor the risk. [CITATION ASN \l 1033 ] It emphasizes on the

improvement of organizational performance through the integrated risk management system.

This research used qualitative method to achieve the objectives.

To ensure all significant risks, it is necessary to know the objectives of the organization

within which risks are to be managed. Then, the objectives must be harmonized with the

stakeholders’ interests. The analysis of stakeholder’ concerns is also a vital role to manage

the inevitable conflicts called risks.

Problem Statement

Organization performance or reputation of a company is very important and mostly related to

risk management because if the risk management does not apply to a company, it is can be

the big issues with the company to manage the business performance and reputation when the

company in problem. AS/NZS 4360:2004 is defined to analyze the perspective on how it has

been done, how to manage it and how the flow for improvement of business performance

through the integrated risk management system.

The airline industry is important for travel to another destination or place and it must make

sure the safety of flight after the flight landed. In all industries have a problem, in airline

industry any accident will effects on their business performance, financial, and reputation of

the company. The missing of MH370 effected the company’s financial (loss of profit), the

reputation, business performance, satisfaction and confident level of customer when travel

with Malaysian Airline Systems.

If Malaysian Airlines had applied risk management, they must have a backup way for their

Flight. However, Malaysia Airline’s ‘plan B’ in risk management are still in questions.

Risk Management

Risk Management is important in the Airlines Industry to make sure all the accident like to

happen on MH370 will not happen again. Risk management must have in all organizations

for safety in the workplace and all the decision has a backup plan.

Risk management process aims to achieve an optimal between the probability of zero and

one, gain and minimizing and loss. To implement the successful risk management, the impact

of threats exploiting vulnerabilities needs to be ensured.

Enterprise Risk Management

The value of ERM in managing with the dynamic business environment within the various

internal and external uncertainties translated by the significant improvement in the firm

performance. ERM is able to avoid the risk by increasing value of all stakeholders. Thus,

implementing ERM is a strategic decision to maintain the sustainability of the organizations.

Findings

The consequences risks of missing MH370 continues its effect on organizations.

Consequently, the tourists from China mostly cancelled their travel because of the MH370

event. As a result, the reputation of airline has been damaged, and then the world is watching

even the small incident events.

 The major organization learned the lessons from flight MH370 which highlights the

requirement to implement crisis management plans in place. The well prepared organizations

could hope to survive from such kind of events to avoid the damage of their reputations.

Therefore, the risk management is very crucial for organization to present well performance

in an environment full of uncertainty.

The breakdown of Malaysian Airlines Systems has shown the failure of risk management. To

achieve an organization’s objectives, there has to implement the risk management by

analyzing all potential risks.

The advantages of the implementing the standard risk management creates the value of an

organization. By integrating all processes, it supports the top management. It is

systematically tailored by utilizing best available information. By being transparent and

dynamic, it encourages the continuous improvement of the organization. Thus, ERM

implementation could benefits in competitive advantage for organization.

Conclusion

Every business decision is mixed with the opportunity and danger. An organization has to

make sure to meet its objective and the plan that intentionally to understand and reduce

effects, in case have an accident. Actually risk management in the organization can make

sure level of safety to be good.

References

Berghe, L. a. (2004).

Enterprise Risk Management. (n.d.). Retrieved from www.ucop.edu:

https://www.ucop.edu/enterprise-risk-management/procedures/what-is-erm.html

ERM integrated framework. (n.d.)

Risk management. (n.d.). Retrieved from www.preventionweb.net:

https://www.preventionweb.net/publications/view/4143