
COSO releases new guidance on taking an agile approach to enterprise risk management

Agile enterprise risk management (ERM) approaches can be a key factor in helping organizations successfully manage risks in a fast-paced business environment, says new guidance from COSO.

‘Enabling Organizational Agility in an Age of Speed and Disruption’ says that organizations that are practicing agile methods may be reassessing the strategy set because their environment and context are changing so rapidly. A variety of approaches can be used to ensure that business units and agile teams consider risks, says the paper, which identifies numerous ways in which the COSO ERM principles link to agile approaches.

Commissioned by COSO and authored by Dr. Paul L. Walker, Schiro/Zurich Chair in ERM and Executive Director, Center for Excellence in Enterprise Risk Management at St. John’s University, the guidance discusses the following key points:

  • The speed of change, risks, and disruption is driving organizations to rethink their vision and strategy.
  • Being agile is an extension of strategy and could also be the best strategic choice in certain environments; not being agile could be a strategic mistake.
  • Organizational leaders should regularly assess the environment in which they operate and the ability of the strategic approach to succeed in that environment.
  • Greatness includes taking risks but never blindly.
  • New normals and new business models must factor in the speed of change, risks, and disruption.
  • Agile helps manage some risks but can also lead to other risks.
  • New tools and methods are available for assessing noise, the environment, the strategy, and the business model, and linking noise to the business model.
  • Superior ERM approaches can be a huge factor in helping the organization be more successful by focusing on the right strategies and risks.
  • Gathering and understanding the noise in the market and how it impacts the business and operating model, as well as building an early warning system, is becoming critical.
  • Organizations should regularly assess ERM and revisit the purpose, mission, and alignment of ERM with the current environment, strategic approach, and business units.

Read the guidance (PDF).


