What is Enterprise Risk Management?

Enterprise Risk Management (ERM):

The discipline by which an organization in any industry assesses, controls, exploits, finances and monitors risks from all sources for the purpose of increasing the organization’s short- and long-term value to its stakeholders. Successful ERM programs manage risk across two dimensions: Time & Space.


Properly developed ERM programs shift your Risk Management focus from the short term (once a year, when traditional insurance policies renew) to a long-term program designed with the organization’s overall goals in mind.


ERM programs increase the Depth of Coverage of an organization, allowing for formal insurance across the three distinct areas of risk: Core, Operational and Strategic.



The potential for future losses or shortfalls due to the deviation of actual results from expected results.

Even the U.S. Government encourages small and mid-size businesses to prepare for a wide range of threats. Below is a chart which outlines potential risks and impacts of those risks.

(Chart from Ready.gov landing page for businesses as of March 2015).

Core Risk

  • General Liability
  • Auto Liability
  • Directors & Officers
  • Property Liability
  • Professional Liability
  • E & O
  • Worker’s Compensation

Operational Risk

  • Administrative Actions
  • Cyber Risk
  • Employment Practices
  • Litigation Defense Expense
  • Business Risk Indemnity
  • Legal Expenses
  • Commercial Crime
  • Excess General Liability
  • Excess Prof. Liability
  • Existing Deductibles

Strategic Risk

  • Business Interruption
  • Contract Termination
  • Subcontractor Default
  • Reputational Damages
  • Terrorism
  • Supply Chain Interruption
  • Regulatory & Legislative Changes