Enterprise risk management (ERM) is a new, board-supervised process that aims to identify, evaluate, and manage all major corporate risks in an integrated framework. Advocated by the Committee on Sponsoring Organizations of the Treadway Commission (COSO) in 2004, ERM adoption has been encouraged by global regulatory agencies, various stock exchanges, legal court cases, and rating agencies. Applied in a strategic setting, ERM takes a company-wide perspective and incorporates strategic and operational risks as well as the more traditional insurance, financial and legal risks. In spite of the growing importance of ERM, there has been very little research on the subject. Existing research has included field studies of companies adopting ERM, has investigated the determinants of ERM adoption, and has explained the appointment of a chief risk officer. We extend this early work by examining how ERM leads to enhanced management and improved performance. Based on a survey of 150 risk management executives who are implementing ERM and tested with the partial least squares (PLS) analytical technique, our model shows that an ERM-based framework can help a company improve performance. Our model also confirms both the linear aspect of building an ERM process and the interactive aspects, where later ERM components help companies improve on earlier processes. Interestingly, our model also shows the key reason why ERM improves performance: it first enhances management. In other words, the value side of ERM is that it makes management better (as seen in greater management consensus, better informed decision making, and increased accountability).
