Enterprise risk management (ERM) refers to an integrated or holistic approach to managing risk across an organisation, using clearly articulated frameworks and processes led from board level. Risk management should be embedded in the general management of an organisation and fully integrated with other business functions such as finance, strategy, internal control, procurement, continuity planning, HR and compliance. The degree of integration will differ between organisations depending on their culture, implementation process, ways of operating and external environment.
via Risk management.