Risk is a double edge sword as it can stagnate growth and potentially lead to the demise of a company, it can equally also initiate growth and create value for a company.
Enterprise-Wide Risk Management is the overall management of risk that an organisation undertakes accepts and manages in order to achieve its strategic goals. It is the sum of the various risks the organisation takes in the various categories and focuses on optimizing the balance and interaction of the different types of risks.
Risk Management is therefore the responsibility of everyone within the organisation from the board of directors to the lowest level employee. With collective effort risk management objectives can be achieved.
The ISO 31000: Risk Management Framework and the Committee of Sponsoring Organisations (COSO) Enterprise Risk Management frameworks aid in establishing a credible risk management strategy and methodology in order to ensure reasonable risk, identification, assessment, and mitigation.
SBP offers services relating to the assessment or compiling of the enterprise risk management framework, performing an enterprise business level or emerging risk assessment, reviewing the coordination between risk and compliance functions, designing and reviewing risk treatment plans and supporting risk management components.