【正文】 改進(jìn)。將來的研究可以建立在一個(gè)既定的基礎(chǔ)之上。企業(yè)風(fēng)險(xiǎn)管理使管理當(dāng)局能夠識(shí)別、評(píng)估和管理面對(duì)不確定性的風(fēng)險(xiǎn)，它對(duì)于價(jià)值創(chuàng)造和保持而言是必不可少的。A key objective of this framework is to help managements of businesses and other entities better deal with risk in achieving an entity’s objectives. But enterprise risk management means different things to different people, with a wide variety of labels and meanings preventing a mon understanding. An important goal, then, is to integrate various risk management concepts into a framework in which a mon definition is established, ponents are identified, and key concepts are described. This framework acmodates most viewpoints and provides a starting point for individual entities’ assessment and enhancement of enterprise risk management, for future initiatives of rulemaking bodies, and for education.本框架的一個(gè)關(guān)鍵目標(biāo)是幫助企業(yè)和其他主體的管理當(dāng)局在實(shí)現(xiàn)主體目標(biāo)的過程中更好地處理風(fēng)險(xiǎn)。Uncertainty and Value 不確定性與價(jià)值A(chǔ)n underlying premise of enterprise risk management is that every entity, whether forprofit, notforprofit, or a governmental body, exists to provide value for its stakeholders. All entities face uncertainty, and the challenge for management is to determine how much uncertainty the entity is prepared to accept as it strives to grow stakeholder value. Uncertainty presents both risk and opportunity, with the potential to erode or enhance value. Enterprise risk management enables management to effectively deal with uncertainty and associated risk and opportunity and thereby enhance the entity’s capacity to build value.企業(yè)風(fēng)險(xiǎn)管理的一個(gè)基本前提是每一個(gè)主體，不管是營(yíng)利性的、非營(yíng)利性的，還是政府機(jī)構(gòu)，存在的目的都是為它的利益相關(guān)者提供價(jià)值。Enterprises operate in environments where factors such as globalization, technology, restructurings, changing markets, petition, and regulation create uncertainty.Uncertainty emanates from an inability to precisely determine the likelihood that events will occur and the associated impacts. Uncertainty also is presented and created by the entity’s strategic choices. For example, an entity has a growth strategy based on expanding operations to another country. This chosen strategy presents risks and opportunities associated with the stability of the country’s political environment, resources, markets, channels, workforce capabilities, and costs.在企業(yè)經(jīng)營(yíng)所處的環(huán)境中，諸如全球化、技術(shù)、重組、變化中的市場(chǎng)、競(jìng)爭(zhēng)和管制等因素都會(huì)導(dǎo)致不確定性。所選擇的這個(gè)戰(zhàn)略帶來了與該國(guó)政治環(huán)境的穩(wěn)定性、資源、市場(chǎng)、渠道、勞動(dòng)力技能和成本相關(guān)的風(fēng)險(xiǎn)和機(jī)會(huì)。當(dāng)由于糟糕的戰(zhàn)略或執(zhí)行導(dǎo)致這些目標(biāo)不能達(dá)成時(shí)，價(jià)值就會(huì)被破壞。例如，一家制藥公司與其品牌價(jià)值相關(guān)的風(fēng)險(xiǎn)容量較低?？赡艿倪x擇包括通過有效的司機(jī)招聘和培訓(xùn)來降低風(fēng)險(xiǎn)，通過外包運(yùn)送業(yè)務(wù)來回避風(fēng)險(xiǎn)，通過保險(xiǎn)來分擔(dān)風(fēng)險(xiǎn)，或者簡(jiǎn)單地承擔(dān)風(fēng)險(xiǎn)。該公司采用多重標(biāo)準(zhǔn)來評(píng)估故障的影響，包括維修時(shí)間、不能滿足客戶需要、員工案例以及預(yù)定維修與非預(yù)定維修的成本，并據(jù)此制訂維護(hù)方案來加以應(yīng)對(duì)。這個(gè)信息系統(tǒng)可以向下追溯到部門、客戶或同行、交易商和交易層次，并針對(duì)既定類別的風(fēng)險(xiǎn)容量對(duì)風(fēng)險(xiǎn)進(jìn)行量化。管理當(dāng)局以公司戰(zhàn)略、目標(biāo)和備選的應(yīng)對(duì)為背景識(shí)別和評(píng)估風(fēng)險(xiǎn)，開發(fā)了一套廣泛拓展的存貨控制系統(tǒng)。例如，一家食品公司考慮可能影響其收入持續(xù)增長(zhǎng)的潛在事項(xiàng)。例如，一家金融機(jī)構(gòu)面臨新的監(jiān)管，除非管理當(dāng)局更加精確地計(jì)算信用和經(jīng)營(yíng)風(fēng)險(xiǎn)水平以及相關(guān)的資本需求，否則就要提高資本要求量。企業(yè)風(fēng)險(xiǎn)管理有助于確保有效的報(bào)告。事項(xiàng)可能有負(fù)面影響，也可能有下面影響，或者兩者兼而有之。例子包括機(jī)器設(shè)備故障、火災(zāi)和信用損失等。Opportunities support value creation or preservation. Management channels opportunities back to its strategy or objectivesetting processes, so that actions can be formulated to seize the opportunities.機(jī)會(huì)支持價(jià)值創(chuàng)造或保持。This definition reflects certain fundamental concepts. Enterprise risk management is:? A process, ongoing and flowing through an entity ? Effected by people at every level of an organization ? Applied in strategy setting ? Applied across the enterprise, at every level and unit, and includes taking an Entity level portfolio view of risk? Designed to identify potential events affecting the entity and manage risk within its risk appetite ? Able to provide reasonable assurance to an entity’s management and board ? Geared to the achievement of objectives in one or more separate but overlapping categories – it is a means to an end, not an end in itself這個(gè)定義反映了幾個(gè)基本概念。它直接關(guān)注特定主體既定目標(biāo)的實(shí)現(xiàn)，并為界定將在本章后文中討論的企業(yè)管理的有效性提供了依據(jù)。Enterprise risk management is different from the perspective of some observers who view it as something added on to an entity’s activities. That is not to say effective enterprise risk management does not require incremental effort, as it may. In considering credit and currency risks, for example, incremental effort may be required to develop needed models and make necessary analyses and calculations. However, these enterprise risk management mechanisms are intertwined with an entity’s operating activities and exist for fundamental business reasons. Enterprise risk management is most effective when these mechanisms are built into the entity’s infrastructure and are part of the essence of the enterprise. By building in enterprise risk management, an entity can directly affect its ability to implement its strategy and achieve its mission.企業(yè)風(fēng)險(xiǎn)管理并不像一些觀察家所認(rèn)為的那樣是加在主體活動(dòng)之上的東西。當(dāng)這些機(jī)制被構(gòu)建到主體的結(jié)構(gòu)之中，并成為企業(yè)核心要件的一部分時(shí)，企業(yè)風(fēng)險(xiǎn)管理就會(huì)更加有效。通過關(guān)注現(xiàn)有的經(jīng)營(yíng)業(yè)務(wù)以及它們對(duì)有效的企業(yè)風(fēng)險(xiǎn)管理的貢獻(xiàn)，并將風(fēng)險(xiǎn)管理整合到基本的經(jīng)營(yíng)活動(dòng)之中，企業(yè)就能夠避免不必要的程序和成本。人制訂主體的使命、戰(zhàn)略和目標(biāo)，并使企業(yè)風(fēng)險(xiǎn)管理機(jī)制得以落實(shí)。These realities affect, and are affected by, enterprise risk management. Each person has a unique point of reference, which influences how he or she identifies, assesses, and responds to risk. Enterprise risk management provides the mechanisms needed to help people understand risk in the context of the entity’s objectives. People must know their responsibilities and limits of authority. Accordingly, a clear and close linkage needs to exist between people’s duties and the way in which they are carried out, as well as with the entity’s strategy and objectives.這些現(xiàn)實(shí)影響企業(yè)風(fēng)險(xiǎn)管理，同時(shí)也受到企業(yè)管理的影響。因此，在人們的職責(zé)和他們履行職責(zé)的方式以及主體的戰(zhàn)略和目標(biāo)之間，需要有一個(gè)而又密切的聯(lián)系。Applied in Setting Strategy 應(yīng)用于戰(zhàn)略制訂An entity sets out its mission or vision and establishes strategic objectives, which are the highlevel goals that align with and support its mission or vision. An entity establishes a strategy for achieving its strategic objectives. It also sets related objectives it wants to achieve, flowing from the strategy, cascading to entity business units, divisions, and processes.一個(gè)主體設(shè)定其使命或愿景，并制訂戰(zhàn)略目標(biāo)，它們是協(xié)調(diào)和支撐其使命或愿景的高層次的目的。舉例來說，一個(gè)選擇可能是收購(gòu)其他公司以擴(kuò)大市場(chǎng)份額。對(duì)于第二個(gè)而言，風(fēng)險(xiǎn)包括必須利用新的技術(shù)或供應(yīng)商，或者建立新的聯(lián)盟。企業(yè)風(fēng)險(xiǎn)管理還應(yīng)用于特殊項(xiàng)目和目前在主體的層級(jí)和組織結(jié)構(gòu)圖中還沒有一個(gè)明確位置的新的活動(dòng)。高層管理當(dāng)局采用復(fù)合的觀念看待組織中的所有層級(jí)，以便確定該主體的整體風(fēng)險(xiǎn)組合是否與它的風(fēng)險(xiǎn)容量相稱。相互關(guān)聯(lián)的風(fēng)險(xiǎn)需要識(shí)別和發(fā)揮作用，以便使整體風(fēng)險(xiǎn)符合主體的風(fēng)險(xiǎn)容量