Enterprise Risk Management Is Looking At The Big Picture
If you want to understand the difference between traditional and enterprise risk management, a recent post by Carol Williams (https://www.erminsightsbycarol.com/beyond-one-on-one-risk-management) explains it very simply. Traditional risk management looks at each risk individually. Enterprise risk management looks at how all the functions of an organization create risk. It requires analysis to determine connections, trends and/or concentrations of risk.
Traditional risk management does not show the relationship between risks and their cumulative effects. Enterprise risk management looks for common elements in two or more risks. It looks at root causes for possible overlap, so organizations can better invest their resources where they can do the most good. The cumulative effects of risks can be determined through modeling and data; outside expertise may be needed.
Whether your organization uses formal or informal risk management, enterprise risk management gives you the big picture.