An ERM Maturity Model
ERM Symposium 2013 Monograph
Posted: 10 Jan 2013 Last revised: 27 Sep 2014
Date Written: January 10, 2013
In the recent years, Enterprise Risk Management (ERM) has emerged as a new risk management technique aimed to manage the portfolio of risks that faces an organization in a integrated, enterprise-wide manner. Unlike traditional risk management, where individual risk categories are managed from a silo-based perspective, ERM involves an holistic view of risks allowing to take into account correlations across all risk classes.
The academic literature on ERM is focused on two main aspects: the analysis of the factors that influence ERM adoption and its effects on firms performances. No studies have been conducted yet to propose robust and rigorous models to evaluate the quality, or maturity, of ERM programs implemented by firms. The aim of the research described in this paper is to fill this gap in the literature. In order to build a rigorous ERM maturity model, we have run an e-mail Delphi procedure involving a panel of worldwide experts on ERM and reached their consensus on the selection of a set of ERM best practice parameters, which are used to develop a structured questionnaire to be administered to firms. Experts consensus in obtained also on the scales and the scores for each questionnaire answer option. The output of the Delphi method is a scoring model that can be used to assess the maturity of an ERM program by administering a questionnaire composed of 22 closed-end questions to firms: answers are collected and scored, and all scores are combined in a single final score, the ERM Index (ERMi). The robustness of the model has finally been tested on a small sample of firms.
We foresee two different uses of the ERMi maturity model, one by scholars for further quantitative research on ERM topics, and one by practitioners, as ERMi is suitable to be used by firms for a self-assessment of their ERM programs (internal use), and by consultancy firms, auditors and rating agencies (external use). The difference with other existing maturity models is its solid scientific base, the rigour with which it has been designed and the fact that it is derived from a Delphi procedure involving leading ERM experts who reached consensus on the model detailed design.
Keywords: Enterprise Risk Management, maturity model, Delphi method
JEL Classification: G32
Suggested Citation: Suggested Citation