First Security

Enterprise Risk Management


Enterprise Risk Management (ERM) aims to guide managers to evaluate and improve enterprise risk management taken as a whole through an integrated model that intends to include all business risks.
Enterprise Risk Management, as part of the Internal Control System (ICS), therefore falls in the set of rules, controls and any other force that helps keep the company’s Organization consistently geared to achieving the following objectives:

  • Compliance of transactions with laws and regulations;
  • Reliability and integrity of information;
  • Protection of company assets;
  • Effectiveness and efficiency of operations.

The concept of risk management therefore includes the set of activities designed to identify, assess, manage and control all kinds of events (risks and opportunities) and has an interdisciplinary nature and different types of applications.
With this in mind, we must address the issues of strategic risk, operational and legal from a managerial and operational point of view and deepen the concepts of risk, quantitative analysis and financial and corporate governance, by examining:

  • the various sources of risk of an undertaking;
  • risk categories and related strategies (legal, compliance, environment, market, supply chain, country, credit, commodities);
  • measurement and its impact on performance;
  • the integration of risk in decision making.