Operationalising Enterprise Risk Management (ERM) Effectiveness
Studies on ERM effectiveness appear to suffer from the same catastrophic dilemma as that of organizational effectiveness. To the best of the author’s knowledge, very little research has been done on the effectiveness of ERM in managing risks. Based on the guidance from the COSO (2004) framework and the existing literature coupled with the insights gathered from semi-structured interviews, the current article aims to demarcate a workable model, and, thereafter, an instrument to be operationalized in ERM effectiveness studies. The findings suggest that the COSO framework is still relevant for ERM and that to improve the robustness of the effectiveness instrument, a multidimensional approach is key. This paper suggests a multiple model approach comprising a process model, system resource model and outcome model for measuring ERM effectiveness. Additionally, the perspectives from various ERM stakeholders of the risk, including the risk function itself, such as from the internal audit and finance or other members of the management team, may enhance the assessment of the effectiveness of ERM in managing risks. It is hoped that the model and instrument developed in this paper will encourage more studies to be conducted on the effectiveness of ERM in particular. From the practical standpoint, with some modifications to the fit, the instrument can also be applied to evaluate the effectiveness of ERM implementation in the respective organisations.