ERM

Enterprise Risk Management

Enterprise Risk Management

Introduction

Concern for risk management is increasing in recent years. A series of high-profile business scandals and failures in United States and other countries around the globe prompted a need for a robust framework to effectively identify, access and manage risks. In 2001, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) initiated a project, and engaged PriceWaterhouseCoopers (PWC) to develop a framework which can be used by the management of companies to evaluate their risk management function.

Company Background

Monsanto is an American Company that has operations in different countries all over the world. Monsanto core business is the production of Herbicides and Seeds. As a multinational company Monsanto has the challenge of complying not only with the Corporative requirements but also with each of the country where it has operations legal ones. The risk management program developed by Monsanto in Latin America took the best and more restrictive practices from the Brazilian, Argentinean and the American Legislation and Monsanto's Corporative requirements in order to develop a risk management system for the agrochemical and seeds manufacturing operations with the Goal of creating and sustaining an injury free workplace and the freedom to operate.

Risk Analysis: development of a consistent methodology aimed to identify, assess and register the process risks and its severity, as well as the environmental aspects, impacts and risks associated to operational tasks. The system also persuades the people to look for alternative ways of conducting operations to reduce the risk level.

Risk Models

Many models have been developed in recent years to address the need of a more effective risk management; most of them typically used an iterative approach to risk management problems. The major phases in the risk management processes are:

Context analysis, which involves understanding, the domain of interest and the environments, identifying various stakeholders, establishing the basis upon which risks will be analyzed, and planning the remainder of risk management processes;

Risk identification: identifying and listing the threats, hazards, problems, and other negative issues that may affect the system;

Qualitative risk analysis: documenting the characteristics of the risks, analyzing their effects on the system, and understanding their relationships;

Quantitative risk assessment: estimating the probability of occurrence of the risks, and numerically assessing their impact on the system;

Risk response: planning and developing options and actions to prevent or reduce the negative impact of risks on the system, and enhance their positive impacts. These factors are analyzed in a qualitative manner and put together to comprise risk taxonomy (Morris & Gregory, 2008). (Chapman, Ward, et al., 2003).

Although there are several ways to classify risk, the most common classifications divided between the commercial risks and insurable risks. Business risks create opportunities for profits or losses. For example, the decision as to develop and manufacture a new product not yet a recognized market creates an opportunity to profit or loss. Insurable risks, also called pure risks, generate only losses. For example, if a member of the project team is injured while working, this is considered an insurable ...