
Enterprise Risk Management

Enterprise Risk Management (ERM) is a systematic and methodical approach for identifying and managing an organisation’s business risks. Enterprise Risk Management provides a practical and time-tested method to: a) align risk appetite with strategic goals, b) deploy resources more efficiently and effectively, c) reduce operational losses and d) improve risk response.

In the wake of dynamic market conditions and regulatory initiatives, protecting shareholders’ interests is becoming a top priority for management teams across various industries. Businesses across the globe increasingly seek better decision-making capabilities and stronger internal controls in order to attain greater shareholder value. External perceptions of a company are affected by the risks it faces and the manner in which these risks are managed. While no business is immune to risks, managing them to create sustainable shareholder value is the critical challenge. Businesses need to have an approach to meet this challenge.

Regulatory requirement

Clause 49 of the Securities and Exchange Board of India (SEBI) Listing Agreement, which came into effect on January 1, 2006, says:

“The Company shall lay down procedures to inform board members about the risk assessment and minimization procedures. These procedures shall be periodically reviewed to ensure that executive management controls risk through means of a properly defined framework.”

The clause also makes the CEO/CFO certification on Internal Controls mandatory.

The Solution

The solution lies in having an enterprise-wide initiative involving all levels of management and steered by the Board of Directors. A well-defined Internal Control Framework (ICF) and a structured approach to risk management, i.e. ERM, not only limit the damage to the company but also enable it to capture opportunities well in advance.


Potential benefits of adopting an integrated approach to Internal Control and Enterprise Risk Management (ERM) frameworks include:

  • Develop a comprehensive understanding of risks across all levels within the organisation
  • Improve ability to prevent, quickly detect, correct and escalate critical risk issues
  • Align risk appetite and corporate strategy
  • Improve risk responses and reduce operational surprises and losses
  • Enhance comfort level of board and other stakeholders that critical risks have been identified and are being managed in a systematic manner

What We Do

Suresh Surana & Associates can help your company address risk in several key areas, including:

  • Risk Management
    • Policy and Framework designing
    • Risk Identification
    • Risk Assessment
  • Internal control assessment
  • Process improvement and operational effectiveness
  • Security and Technology solutions (IT business risk management, data management and information security)
  • Audit and Compliance
  • Fraud and Anti-fraud Programs (Detection as well as Prevention)
© 2011 Suresh Surana & Associates. All Rights Reserved.
The site was last updated on: 24 January 2011