
Here is my RIMS 2015 presentation about the role of risk policy in Enterprise Risk Management (ERM). Effective enterprise risk management (ERM) requires a policy that clearly establishes your organization’s risk tolerance. Organizational risk tolerance drives all aspects of ERM including risk governance, treatment strategies, prioritization, reserve budgets and risk management processes. This presentation explores specific tools and techniques that can be used to objectively quantify risk tolerance which, in turn, drives further elaboration of organizational risk policy.