Enterprise risk management: Agility through risk management

With risks constantly changing and new risks emerging, management needs to know when the level of risk exceeds the organization’s appetite and requires action.

What does ‘good’ look like?

To help an organization make risk-informed strategic decisions, a good enterprise risk management program generates intelligence on risks that could impede achievement of organizational goals. Businesses then prioritize investments in programs that will have the greatest impact on reducing or optimizing risk.

  • The business anticipates, prepares for and responds effectively to material events and disruptions.
  • Risk management decisions are made confidently, based on solid data and effective analysis.
  • Risks are communicated clearly throughout the organization as well as to external stakeholders.
  • The ERM program continually optimizes and proves value over time by comparing outcomes against predictions.


Enterprise risk management

For your organization to meet its objectives, you need clear visibility and understanding of all risks that may affect your operations or cause financial or reputational damage. To manage risk, your organization has several choices: reducing the likelihood of the risk occurring; decreasing the risk’s potential impact; and, transferring, avoiding or accepting the risk. STREAM provides up-to-date and reliable risk data, allowing management to reliably prioritize and escalate risks according to their significance.

Processes and features

Enterprise risk management is an ongoing process, not a one-time activity. Here are some of the steps involved in enterprise risk management using STREAM.


Gain visibility

See, understand and prioritize all risks that may have a material impact on organizational objectives or targets.


Measure the risks

Determine how significant each risk is, using configurable qualitative, quantitative or mixed-mode risk assessments regarding strategic, financial, reputational or other impacts.


Monitor ongoing risks

Stay aware of risks, including new risks, and take action when the risk level exceeds organizational tolerances.


Aggregate risk types

Capture risk types across the enterprise, with granular views based on business groupings, such as business units, programs, suppliers or assets.


Optimize investments based on ROI

Improve performance with ROI-based analysis of risk management investment options.


Establish accountability

Detail accountability to address enterprise non-compliance and unacceptable risks from identification to completion.