
Chapter 10




               2.2  Enterprise risk management (ERM)

                             'A process, effected by an entity’s board of directors, management and
                             other personnel, applied in strategy setting and across the enterprise,
                             designed to identify potential events that may affect the entity, and
                             manage risk to be within its risk appetite, to provide reasonable
                             assurance regarding the achievement of entity objectives'. (COSO
                             2003)


               2.3  Principles of ERM


                    • risk management in the context of business strategy

                    • risk management is everyone’s responsibility, with the tone set from the top

                    • the creation of a risk-aware culture

                    • a comprehensive and holistic approach to risk management

                    • consideration of a broad range of risks (strategic, financial, operational and
                      compliance)

                    • a focused risk management strategy, led by the board (embedding risk within an
                      organisation's culture).









































