What is enterprise risk management? How to put cybersecurity threats into a business context
Enterprise risk management (ERM) is the process of assessing risks to identify both threats to a company’s financial well-being and opportunities in the market. The goal of an ERM program is to understand an organization’s tolerance for risk, categorize it, and quantify it.When companies look at enterprise risk, the traditional approach is to look at financial risks, regulatory risks and operational risks. What happens if the exchange rate drops and the interest rate rises, if new drugs don’t get FDA approval, or if your main warehouse burns down?