Discrete risk management processes within an enterprise (CRMA)

The CRMA Study Guide does not recognise the possibility of discrete risk management processes within a single enterprise.

As an enthusiastic CRMA candidate, you will have already read the Everyone articles and Risk Specialist articles on discrete risk management processes within an enterprise.


The CRMA Study Guide does not recognise the possibility of discrete risk management processes within a single enterprise.

The Guide tends to follow the COSO ERM assumption that there is a unitary view of enterprise risk, without specifically recommending that. The CRMA idea of ‘coordination of risk management activities’ is fairly obsessive about a single integrated view (Figure IV.10). There is an acknowledgement that diverse practices may have evolved, and that is regarded as a problem to be fixed (page 191, fourth paragraph).

Some of the other authorities recognised in the Study Guide make slightly different assumptions. None of them throw a clear light on the option to have discrete risk management processes within an enterprise.

For passing the CRMA exam, you should adopt the views of the Study Guide. As an assessor of organisation risk management effectiveness, the CRMA holder will need to have a fair and mature view of organisations with discrete and differing risk management processes, with or without integration. Clear Lines on Audit and Risk promotes a view different to the assumptions in the Study Guide, precisely because it is also concerned with making risk management effective, emphasising fitness for purpose over standardisation. Reflect upon ISO 31000 Key Principle G: Risk management is tailored.

Further Reading

Main articles on the topic: 1. Discrete risk management processes within an enterprise (Everyone) 2. Shapes for discrete risk management processes (Everyone) 3. Examples of discrete risk management processes (Everyone) 4. Risk ‘to’ an area of activity and risk ‘from’ the activity (Everyone)

Some other main topics

What is Risk Management?

Coming soon: Scoping a risk management activity; ERM and RM; RM across an organisation, without a central register; Context setting, Objectives, expected and acceptable outcomes, priorities and tradeoffs.

All pages on ‘Discrete risk management processes within an enterprise’

Articles for everyone Discrete risk management processes within an enterprise (Everyone) Shapes for discrete risk management processes (Everyone) Examples of discrete risk management processes (Everyone) Risk ‘to’ an area of activity and risk ‘from’ the activity (Everyone)
Supplements for reader streams
For Risk Specialists: Risk management processes within an enterprise (Risk Specialists)
For CRMA Candidates: Risk management processes within an enterprise (CRMA)
For CRISC Candidates: Risk management processes within an enterprise (CRISC)
Extras for risk specialists: Vocabulary (Risk Specialists) COSO and ISO 31000 on discrete risk management processes (Risk Specialists) ERM and discrete risk management processes (Risk Specialists)

Risk consequences as the final effect on objectives (LinkedIn – registration required)

For Executives: Risk management processes within an enterprise (Executives)
For Australian Government readers: Risk management processes within an enterprise (Australian Government)

Leave a Reply

Your email address will not be published. Required fields are marked *