Enterprise 风险 Management (ERM) Terminology

热点图
A visual representation of each risk’s likelihood and severity scores.

影响
影响 is the numeric rating of the financial, operational or reputational severity that results from a risk event occurring with existing controls.

可能性
The likelihood is a numeric rating of how likely the risk is to occur with existing controls.

准备
The effectiveness of controls (i.e., training, testing, business continuity) currently in place to address an identified risk.

风险
The potential for an event or circumstance to have an impact on the achievement of an organization’s objectives.

风险偏好
The level of risk an organization is willing to accept in pursuit of its objectives.

风险评估
The process of evaluating the likelihood and potential impact of identified risks.

风险冠军
A risk champion is the executive-level leader who provides oversight and guidance within a specific risk area. The role of the risk champion is to support risk owners in the execution of proposed risk mitigation strategies. The risk champion should be an individual with the authority to intervene when risk management efforts are being hampered.

风险 Mitigation and Response
The actions taken to address identified risks, including accepting, 转移, mitigating or avoiding them.

风险监控
The ongoing process of tracking and evaluating identified risks, as well as the effectiveness of risk management strategies.

风险的主人
A risk owner is the individual who is ultimately accountable for the management and mitigation of an enterprise risk. With the assistance of the 道德 and 合规 Office, risk owners develop and implement strategies to address concerns raised within a specific risk area. 风险 owners serve as the point of contact for the 道德 and 合规 Office in measuring and monitoring the effectiveness of a risk mitigation strategy.

Subject Matter Expert (SME)
A subject matter expert is an individual with specialized skills and/or knowledge in relation to the risk area. The job duties of the SME need not be specific to the risk area; however, the responsibilities and expertise of this individual should provide vital input regarding the assessment, existing controls and potential mitigation strategies.

Sub-risk
A specific risk identified within an enterprise risk area.

速度
The speed at which a risk can materialize and impact an organization.