top of page

Our services

Enterprise Risk Management

Enterprise Risk Management (ERM) is a structured management discipline that at its heart links risk to an organisation’s strategy. It does this by providing a framework to consistently identify, measure and manage risks, regardless of type, that could have a material effect on the achievement of objectives to within target risk exposure levels.


Designed and implemented well, ERM can deliver significant organisational benefits by providing transparency and intelligence to leadership and management on the risks the organisation is exposed to and taking, helping to ensure unacceptable exposures are visible and avoided or mitigated, and that opportunities and returns are not being missed due to risk aversion.


The theory and successful application of ERM is not, however, always straightforward and many organisations continue to struggle to extract full value from their investment in the discipline. This can stem from a range of factors, with common reasons including:

  • Assumption that traditional risk management activities are ERM. While it is key to implementation success that any ERM system is bespoke to the culture and needs of the organisation, without linkage to strategy, a common language for risk, and integration of risk appetite, it is likely the ‘ERM’ system is technically misnomered.

  • People are not sufficiently engaged and senior sponsorship is lacking. If ERM is seen as a valueless ‘tick box’ exercise, due to a lack of understanding and support by stakeholders as a result of flawed engagement and outputs that do not support agile and informed decision making, it probably is and will continue to be.

  • Weakness in fundamentals. Poor risk characterisation with vague risk descriptions and subjective measurement techniques compromises risk visibility and the ability to accurately assess, prioritise and manage those of most significance.

  • Failure to leverage data assets. Risk is dynamic and systems of ERM need to reflect this volatility. Leverage of the data landscape, both internal and external to the organisation, can power real-time risk insights and predictive capabilities.

  • Practical articulation of risk appetite. A continuing challenge for many organisations is how to express their desired risk and reward trade-offs in ways that are meaningful at operational levels and can be measured, particularly in areas where data may be lacking and quantitative modelling is not a feasible option.

How do we help?

There is a wide spectrum of approaches, philosophies and maturity in ERM practice across different sectors and peer organisations; reflecting this, the support we provide is equally varied in its scope and approach and can include simple advice on specific issues to major, multi-year ERM programme design and implementation. Summarised below are common requests for help we receive from clients. Regardless of the ask, our focus is on pragmatic, high quality solutions that are bespoke to each client’s specific needs and aspirations, exploiting the knowledge and lessons learned from the team’s successful delivery of in excess of 100 ERM engagements.

  • ERM effectiveness reviews and maturity benchmarking

  • ERM framework design, component development, and implementation support

  • Risk appetite articulation at Board and operational levels

  • Key Risk Indicator (KRI) suite development

  • ERM software selection and configuration

  • Risk analytics including facilitation of organisation-wide ERM exercises, emerging risk horizon scanning and scenario analysis, correlation analysis etc.

  • Enhanced risk reporting design and population

  • Organisational leadership, management and practioner ERM training content development and delivery

  • Head of ERM / ERM team development coaching, training and advice

  • Development of integrated risk frameworks with other second line functions / domain areas e.g. Compliance, Business Continuity Management (BCM), Insurance, Operational Resilience etc.

  • Assurance over ERM performance and compliance

In addition to our technical advisory support we also provide a range of transactional services to provide interim solutions, capacity and good practice cost-effective execution of ERM activities. These include:

  • Outsourced and co-sourced ERM function activities 

  • Interim Head of ERM secondment

  • Risk and audit committee membership

bottom of page