Executives are under relentless pressure to identify the various risks facing their organisations. They need to understand how these risks influence commercial decisions and the formulation of business strategy.
KPMG's Enterprise Risk Management (ERM) methodology takes a structured, holistic approach to managing the uncertainties that businesses face. It relies on the creation of robust internal mechanisms for gathering, analysing, monitoring and understanding the relevant information.
How KPMG member firms can help
Our professionals can help organizations implement sustainable ERM systems, as they pursue more profitable and competitive operations, drawing on their extensive experience working with boards of directors and management teams.
Our industry-specific ERM capabilities apply to all financial and non-financial sectors and include: enterprise risk assessments; an evaluation of the current state of risk management practices; the development of a practical road map to achieve the desired risk management end-state; knowledge transfer; and training.
Technical Approach and Methodology
Ours is a holistic approach to managing risk – our ERM methodology is designed to help organisations enhance value through an entity-wide approach to the identification, optimisation and management of the enterprise’s risk.
The seven domains of our framework help management to use ERM to empower strategy, performance and governance through:
- Creating a sustainable program, tailored to our clients’ existing culture, to proactively manage risk in a manner that protects against surprises, stabilises performance, and helps enable management to operate within the organisation’s risk appetite.
- Identifying opportunities to improve performance, allowing our clients to take maximum advantage of risk opportunities by using an approach that focuses on managing risk and improving performance.
- Improving decision making based on the enterprise’s risk profile, considering cost and benefit, as well as improving resource allocation.
Our ERM program:
The seven domains of our framework are each flexible to accommodate varying degrees of a client's ERm program which include:
- Risk Strategy and Risk Appetite (linkage to corporate strategy, risk strategy and risk appetite and tolerance)
- Risk Governance (can include policies, manuals and charters, board oversight and committee, company risk operating structure and guidance)
- Risk Assessment & Measurement (fundamental program development, industry aligned as needed, quantification and aggregation includes: measurement, analysis and consolidation of risks; can also include comparisons to better practices and rating agency perspectives)
- Risk Management and Monitoring (includes risk mitigation response and action plans, testing, validation, monitoring)
- Risk Reporting and Insights (includes risk reporting, business or operational requirements, board and senior management requirements)
- Risk Culture (gaining knowledge and understanding of risk culture, stakeholder buy-in, belief and commitment)
- Data and Technology (focus on data quality and governance, used for risk analysis and technology enablement)
Global experience in ERM
KKPMG’s Global network has assisted in designing, implementing and advancing ERM programs at hundreds of clients, including government, multinational agencies, financial services, and industrial market organisations. We have invested heavily in the development of our ERM methodology and framework, and this investment has paid off for our clients in terms of efficient and effective delivery, standardised tools, and an on-going base of experience which helps our continual improvement efforts in this space. KPMG brings its large breadth of knowledge and practical ERM experience to help in any aspect of its ERM program including, training, design and implementation. We believe the strength of our global ERM methodology and consistency of application, combined with a collaborative delivery team can help facilitate in meeting our clients ERM program objectives.
Fundamental to KPMG’s approach is a focus on industries which allows efficient delivery of services to our clients. At KPMG, we understand each industry has its own issues, opportunities and special challenges. Our industry-focused structure means we are continually refining our understanding of emerging issues, leading practices, and developing trends, and can provide well-informed and practical advice to our clients. We have been dedicated to leading these efforts, as well as ongoing product development and training.
KPMG is one of the strongest professional services providers to entities in the government sector – our significant experience as external auditors, internal auditors, tax advisors, as well as providers of specific ERM services, accounting advisory and regulatory compliance assist services in this sector has provided us with strong credentials in the region, and around the world.
Our professionals have access to, and utilises, a larger sphere of subject matter professionals within KPMG in such speciality areas as, enterprise risk management, regulatory compliance, forensic auditing, financial reporting processes and controls, treasury, procurement, and third-party attestation.
We have, and continue to make significant investments in our people, the profession and its associations, as well as methodology and tools. Enterprise Risk Management is a major component of our firm’s advisory strategy and business model.
KPMG has made significant and continuing investments in a number of leading associations, trade groups, and academic institutions to further the interests of its professional staff in our Caricom region, including in Jamaica, Trinidad and Tobago, Barbados and the Eastern Caribbean and around the globe. Our professionals are members or supporters of the following organisations:
- The Institute of Internal Auditors; and
- The Information Systems Audit and Control Association.
Our professionals deliver seamlessly coordinated services to some of the most respected corporations. They provide Enterprise Risk Management services, fully-integrated internal audit outsource or co-source services, and assurance reviews. We have assisted organisations identify critical business and operational risks, implement effective controls and compliance processes, identify leading practices, identify opportunities to reduce the cost of operations, and realise profit improvement opportunities.