How Enterprise Risk Management Solutions Contribute to SME Recovery

Posted by Maria Katrina dela Cruz
Dec 03, 2021
Facebook LInkedin Twitter

The concept was a mere lip service for companies, but now that we underwent a global turmoil, Enterprise Risk Management (ERM) solutions raise a strong case for strengthening your overall internal strategy. 

What are the enterprise risk management solutions?
One of the hard lessons the past two years have imbued is that there’s no silver bullet in recovering from a deep disruption- unless your business is engineered to withstand such massive and abrupt interference. And this is what ERM is all about. But this is a different approach from building resilience. How so?

What is enterprise risk management? 

ERM is the macro-level oversight and handling of any emerging risk that threatens to impede a company’s growth in its entirety. It encompasses all sub-units of an organization instead of focusing on a segment to raise a company’s tolerance threshold for black swan scenarios. 

Related: Black Swan Scenarios: Your CFO and Business Risk Management

Building ERM into the core of your enterprise helps you allay any kind of vulnerability in a more holistic and structured approach. If you introduce consistent efforts in practising processes and controls, you run lower chances of loss of any kind. Ultimately, it maintains your track towards your original goal. 

ERM is all about the bigger picture.

Firm-wide perspectives take precedence in this scenario. ERM may not always be sensible for singular business sections, hence sometimes leading to siloed management decisions that do not take into account its repercussions to departmental autonomy. 

To paint a picture, here is the 2017 update of the COSO (Committee of Sponsoring Organizations) ERM framework with its components.

2017 COSO ERM Integrating with Strategy and Performance Executive Summary

Source: 2017 COSO ERM Integrating with Strategy and Performance Executive Summary

The above framework reflects these five interconnected components that ERM embeds in the entire organization and all its levels:

  1. Mission, Vision and Core Values
      • Governance and Culture

  2. Strategy Development
      • Strategy and Objective-Setting

  3. Business Objective Formulation
      • Performance

  4. Implementation and Performance
      • Review and Revision

  5. Enhanced Value
      • Information, Communication, and Reporting

As the landscape turns more complex than ever, the ERM framework serves as a guide for CEOs and key decision-makers to align the overall strategy with the risks and performance. It backs important decisions with data and analytics to ensure organizational success and stability in the long run.

How is ERM different from Traditional Risk Management (TRM)? 

Imagine this. When you play basketball, you are given an understanding of how your team played the offence and defence. But if you realize your team’s strengths, you have an upper hand to make your group’s dynamics at play for the next games. This is how TRM and ERM works. The TRM is the previous rounds that you went through to formulate a plan that would work for your team, and the ERM is the future strategy harnessing the team’s strong points to make sure you win.

The underlying difference between traditional risk management and enterprise risk management is their respective intensities. 

TRM lies on the more intensive side of the coin as it bases its master plan on a prior situation that you experienced, like going through a budget deficit or exodus of employees to another company. As a CEO, we know you don’t underscore the importance of learning from your past experiences, which is why TRM pays attention to these hazards and finds a way to prevent them from occurring again. 

On the other hand, ERM is an extensive roadmap. It takes forthcoming risks with its resources backing up the strategy. This paradigm is designed to prepare for the uncertainties ahead- making it the straightforward option. Corporations and businesses today combine TRM with ERM to further unveil interdependencies, causal links, and other contributing factors that help them understand what causes these risks. When they gauge the firm’s risk appetite, they align it with their strategy to meet the goal they have set. 

Like TRM, it [ERM] is, of course, skewed towards avoiding risks albeit the ERM scheme suggests spontaneity and more risk-taking which makes it a fluid and adaptable choice. As far as the business arena goes, if there is no risk present, there will be no returns as well. 

Case in point: COVID-19 Recovery 

Now that we’re once again on the verge of pandemic recovery, CEOs are bullish on growth and development for 2022. While it’s true that the pandemic has been a perfect storm to accelerate the integration of innovation in our operations, executives have also unleashed the power of ERM during the transition towards the new normal hybrid working although not fully.

At its facade, businesses deployed ERM with a certain lack of attention, planning, and communication. According to Gartner, if implemented effectively, an ERM prepared team would have set the threshold to low so they could have prepared for a broader consequence should no action be taken.

Simply put that if a clear process is already made and communicated, a firm can expect an agile response to the situation at the first sign of distress. 


Attempting to counter vast and intricate uncertainties can be made easier through comprehensive enterprise risk management solutions. At the same time, it gives the guarantee that the risks, when balanced with the company’s appetite, processes, and strategy, can steer you towards your main objectives.


Blend your ERM plans with a well-defined management of your accounting processes. D&V Philippines is here to make sure your F&A concerns are addressed and taken care of with utmost expertise through our in-house accountants. 


Our Outsourcing: How to Make it Work guide explores how you can utilize accounting and finance outsourcing to drive growth to your business and add value to your processes.