Enterprise Risk Management Comprehensive Framework
Introduction

ERM is a comprehensive and structured approach to the management of the range of risks and opportunities facing the organization. Its focus is on all types of risks threatening the organization 's objectives and their interactions among risk categories. ERM encompasses risks affecting various aspects of the organization, including strategy, operations, finance, legal, environment, human resources, information technology, and reputation.

Organizations’ staffs take actions and make decisions daily that could have a beneficial or detrimental effect on the profits and business’s longevity and future, and the organizations must have a protocol in place for identifying and mitigating all major business risks long before it is needed.

According to the surveys by AICPA and CIMA, the majority of the respondents perceive their risk oversight processes to be immature, and noted that board of directors and the audit committee are asking for increased senior executive involvement in risk oversight.
http://www.aicpa.org/InterestAreas/BusinessIndustryAndGovernment/Resources/ERM/DownloadableDocuments/Enterprise%20Risk%20v3.pdf

ERM Comprehensive Framework offers a thoughtful, disciplined approach toward risk management and helps organizations acknowledge the current ERM position, analyze and manage manage the multitude of risks facing the operational and financial standing of organization, and build value by taking risks wisely.