Kyu Kyu
Accueil | Nos Insights

Enterprise Risk Mapping (ERM)

Consulting Risk management
Business Cases
Enterprise Risk Mapping (ERM)

In the context of reorganization, systemic change or major strategic developments, a company’s risk profile undergoes significant change. In such cases, risk mapping is necessary to identify risks and assess detection and prevention systems. Risk mapping also makes it possible to involve all stakeholders in a joint improvement process to be implemented.

Our customer, a critical infrastructure manager, wanted to carry out this exercise in order to measure current changes in its environment and resources, and prioritize actions to be implemented to improve the company’s resilience.

 

Main achievements

 

Risk mapping and integration into company management

 

Initial work was carried out with General Management to reach agreement on a risk repository to establishing the applicable risk families, and on criticality and control assessment scales reflecting the company’s risk appetite.

The mapping process began with an analysis of structuring documents and operational supports documents, and continued with interviews with key stakeholders in charge of operations.

A number of working groups produced a shared assessment of the risks and a qualification of the associated control systems, as well as Key Risk Indicators.

Each risk carrier then worked with our support to propose actions to improve prevention and reduce risks.

At the same time, our teams worked with the Risk and Management System Department to develop the governance and management cycle required to update and manage the risk map (risk committee, management rules, etc.).

 

Key figures :

20 interviews with departments

+ over 100 risks assessed

50 structuring actions