These days, Enterprise Risk Management (ERM) is an integral part of the corporate business plan. ERM involves a framework of procedures, which allows for the management and analysis of the enterprise risks. The enterprises, who do not have an ERM policy, risk falling prey to some of the hazardous risks, which are inherent in the industry.
When corporate entities get into trouble, they depend on the advice of their financial analyst to determine the potentials and threats of the financial loss. This is why, corporations in the U.S. are required to file an annual report with the U.S. Securities and Exchange Commission (SEC) on ERM procedures. This report includes disclosure on the methodology employed by the financial analyst in assessing the risks, as well as a detailed account of the policies, processes, and systems in place to monitor and control the risks. The report contains a summary of all the risks being monitored and reports the data that has been provided by the company, from the financial analyst.
According to the SEC, a standard template for reporting and the information to be included in the report depends on whether the financial analyst is to use a cash-flow analysis or an operations analysis. If cash flow is used, then the report must include the schedule of expenses and cash payments. In the case of an operations analysis, then the report must mention the details of the operations and any hazards associated with the operations.
The report must also be able to support the standard template. A corporate official may require the template to be changed every year to include new information. This helps the company to maintain the consistency of the reports.
A report that is prepared by the financial analyst should contain the most basic and fundamental information of the risk management. The analysts have to be thorough when they study the issues of the corporation and determine the risk factors, which should be avoided or managed. The report should also include the risks that are not yet known to the organization.
It is important that the report should be clear and contain simple data and presentation that readers can understand. Although the company and its people are the main focus of the report, it is a good idea to highlight other risks such as competitors, consumer groups, environmental, economic and social problems, and other issues which might come up in the future. This information is more useful to the reader and helps them to have an idea of what to expect in the future.
It is important that the report only covers the risk factors in the enterprise, and not the entire content of the document. Some documents only deal with a single hazard, while others deal with risks of corporate assets. In addition, it is important that the report does not contain inaccurate or invalid information. It is not permissible to include false or inaccurate information in the report.
Since the contents of the report are very vital, it is important that the document is accurate and comprehensive. Any gaps in information should be noted. It is important that the content of the report is very detailed so that the information is not distorted or the reader does not become confused. It is also important that the report only covers risks in the enterprise, and does not deal with risks in the public sector, as the document is meant to protect the public from a specific hazard, not the entire spectrum of risks.