ERM is a new term doing the rounds of organizations these days. ERM stands for enterprise risk management. At a very broad level, ERM Enterprise wide risk management is defined as:

"a continous and structured process implemented throughout the organization for identifying, assessing and reporting on related opportunities and threats that affect the achievement of enterprise objectives."

So what does ERM involve. The road map to enterprise wide risk management is a complex and lengthy process. Below, I have tried to explain the entire ERM process in a step by step manner. ERM involves the following activites.

1. Documenting the organizational objectives
2. Determining what is the risk appetite of the organization
3. Establishing an internal control and risk management framework
4. Identifying threats that prevent achievement of objectives
5. Assessing the impact and likelihood of threats i.e risk assessment
6. Generating risk responses
7. Putting control activities in place
8. Informing and communicating risks to all in the organization
9. Monitoring the risk and process outcomes
10. And finally, assessing how effectively are the risks managed.