Quantitative risk analysis software | Vose Software

What is Enterprise Risk Management?

The extra value of Pelican

Talk to a sales person

Managing risks is a normal part of running a business. Your company no doubt invests significant effort to manage the risks it faces. Your company may be using what is called ‘enterprise risk management’, perhaps it follows traditional risk management - more likely, it is somewhere between the two. So, what is ‘enterprise risk management’, or ‘ERM’ and how is it an improvement over traditional risk management? Traditional risk management takes a silo approach allowing each department or business unit to manage its own risks. This creates a number of problems that can be summarized as lacking four C’s:

  • Consistency
  • Completeness
  • Collaboration
  • Communication

These deficiencies have long been recognized by key risk management experts, and several guidelines have been written to address them, most notably ISO 31000 1 and COSO 2 . The first versions of these guidelines focused too much on adhering to processes rather than creating and preserving value, but this is now at least partially addressed by the latest versions of the guidelines. The ‘enterprise’ in Enterprise Risk Management can be thought of as referring to four objectives discussed below.

ModelRisk Monte Carlo simulation software Excel

Complete understanding of risks

Each manager, from the CEO right down through the management structure of the enterprise, fully understands the risks (and opportunities) that can impact the part of the business for which they are responsible.

Tamara logo

Consistent evaluation of risks

The evaluation of these risks is based on a methodology that is consistent throughout the enterprise and allows the portfolio of risks to be aggregated up through the entity structure of the enterprise.

ModelRisk Monte Carlo simulation software Excel

Coordinated management of risks

The control and mitigation strategies for these risks are coordinated across the enterprise and seek to protect and enhance the value of the enterprise, not just one element of the business.

Tamara logo

Shared responsibility for risk

The responsibility for executing the risk management plan is shared appropriately amongst the employees of the enterprise. In essence, employees work as a team. Risk (and opportunity) identification, assessment, management and communication is a shared responsibility and an integral part of the enterprise’s culture.

Customers are surprised how cost-effective Pelican really is.

Let us surprise you too.

Contact us

Why implement enterprise risk management?

The Second Law of Thermodynamics describes how everything in the universe moves from order to chaos unless effort is put in to create or maintain order. Drop a glass and it will turn into unusable pieces but drop the pieces and you won’t get the glass back. Disorder (called entropy in physics) is closely related to probability. A system has a small probability of coming together in an orderly fashion because there are so few orderly (helpful) arrangements and so many equally likely disorderly (unhelpful) ones. This law neatly describes the nature of risk.

It explains why plans rarely work out the way we hope. Left to chance, random events will almost always reduce rather than increase our accomplishments. Risk management is the means we have to tame the chaotic nature of the universe! Pelican helps us work out the best risk management strategy, and then operationalize and maintain that strategy.

ModelRisk Monte Carlo simulation software Excel


Responding to, and demonstrating adherence to, externally imposed corporate governance guidelines regarding risk identification, disclosure, management, and monitoring.

Tamara logo


Anticipating and devising methods to control exposure to risks that can threaten the company’s strategic objectives

ModelRisk Monte Carlo simulation software Excel

Harmonization and coordination

Bringing together and optimizing the management of risk by different internal silos, sharing knowledge about risk issues, eliminating risk-taking that is inconsistent with the entity’s risk appetite, improving communication and assigning responsibility for risk management activities

Tamara logo

Exploiting opportunities and creating value

Taking calculated risks for higher rewards, reducing risk management costs by cutting out redundant controls, flattening risk-reward profiles across investments and exploiting the shared benefits of risk management actions.