Enterprise Risk Management Your trusted guide to a successful Enterprise Risk Management journey Organisations are demanding value beyond “enterprise risk listing” activities and the inertia that can impact an Enterprise Risk Management (ERM) programme that loses momentum. They want and need ERM programmes that help them anticipate, adapt, and respond to changes, focusing efforts and resources on risks and opportunities that can impact their strategy and performance.We provide forward-thinking Enterprise Risk Management Services that integrate strategy, business planning, and key decision-making processes to drive better business performance. Survey February 13, 2025 2 min read 2025 Report on Top Risks Read Protiviti's Top Risks Report 2025 covering executives' views on emerging risks related to AI, cyber threats, talent management, and economic shifts. Learn more Our Enterprise Risk Management services We enhance and add value throughout the different stages of your ERM programme. Pro Legal Briefcase ERM Maturity Assessment Understand your current state and develop a road map to enhance or automate your ERM programme. Pro Building office ERM Foundation Establish governance and setup your ERM organisation and framework, taking into consideration your organisation culture, maturity and risk appetite. Pro Document Files ERM Enabling Technology Select and deploy Governance, Risk and Compliance solutions to help you automate your ERM programme. Pro Document Stack ERM strategy and Business Planning Define and set priorities for your ERM programme including investments, strategic decisions, and risk back analysis. Pro Briefcase ERM Execution Implement your risk management programmes, including market, operational, cyber, vendor, innovation, business continuity, crisis management, and digital transformation. Pro Document Consent Risk Index for Risk Measurement, Monitoring and Reporting The Protiviti Risk Index™ helps business functions to become an enabler of growth through efficient tools for risk identification, aligned reporting, and actionable analytics. Our approach Our Risk-Informed approach changes the ERM conversationOur proprietary methodology provides management and the board with relevant risk and opportunity information to support decision-making during strategy setting and performance management. This allows companies to accelerate the alignment process with the new COSO ERM principles and related best practices. Our approach supports the development and evolution of an ERM programme that is:STRATEGIC: Considers the impact of risk on strategy and performanceBALANCED: Measures both risks and opportunitiesINTEGRATED: Is integrated with strategy setting, planning, and business executionCUSTOMISED: Reflects organisational business needs, expectations, and cultural attributesEach ERM programme and its goals are unique and influenced by organisational culture, strategy, and business goals. Therefore, we describe ERM as a journey because it is evolving and not a straight road to success.We can tailor our programme to fit your maturity, risk culture, and risk management needs and expectations. Relevancy in today’s digital world Our technology consulting professionals become your trusted advisors, providing insight and strategic vision through a unique blend of technical proficiency, project experience, and business knowledge. We leverage emerging technologies and methodologies to deliver results that drive performance and growth while managing risks. Featured insights NEWSLETTER Reimagining a New COO-Board Dynamic 2 min read Explore the new COO board dynamic: insights on evolving COO roles, shifting board expectations, and strategic transformation in today’s fast-changing landscape. SURVEY Disruptors see the world differently 8 min read Disruptive change is happening, and more is coming. Is your organisation ready to seize the moment? Our results, based on a global survey of more than 1,800 board members and C-suite executives, reveal that organisations that consider themselves to... PODCAST Risky Women Podcast | 2025 Top Compliance Priorities Mid-Year Check-In 3 min read Kimberley Cole welcomes the dynamic duo of Carol Beaumier and Bernadine Reese from Protiviti for an engaging mid-year check-in on compliance predictions for 2025. With the ever-evolving landscape of risk regulation, they dive into pressing topics... WHITEPAPER The Survival Guide for Chief Compliance Officers in Uncertain Times 17 min read Chief Compliance Officers (“CCOs”) are facing uncertain times due to a combination of factors that challenge the stability and predictability of their operating environments. These factors include geopolitical tensions; rapidly shifting political and... NEWSLETTER The Upside of Uncertainty: Seizing Opportunities Amid a Global Structural Shift 2 min read Explore how resiliency and the upside of uncertainty can transform challenges into opportunities for boards. Insights from Protiviti's conversation with Heidi Crebo-Rediker. Previous Article Pagination Next Article Board Perspectives Board Perspectives, from global consulting firm Protiviti, explores numerous challenges and areas of interest for boards of directors around the world. From environmental, social and governance (ESG) matters to fulfilling the board’s vital risk oversight mandate, Board Perspectives provides practical insights and guidance for new and experienced board members alike. Episodes feature informative discussions with leaders and experts from Protiviti and other highly regarded organisations. Listen now Notre équipe Arnaud Floquet Arnaud est Managing Director de la practice Risk and Compliance du bureau de Paris. Il possède plus de 20 ans d'expérience professionnelle en matière de gestion globale des risques (ERM), de contrôle interne (SOX / LSF) et de conformité règlementaire (LCB-FT, Sanctions ... En savoir plus Questions fréquemment posées Qu’est-ce que l’Enterprise Risk Management (ERM) ? + L’Enterprise Risk Management (ERM), ou gestion globale des risques, est une approche stratégique qui permet aux organisations d’identifier, évaluer, gérer et suivre les risques susceptibles d’affecter l’atteinte de leurs objectifs. L’ERM intègre la gestion des risques au cœur de la gouvernance et de la prise de décision, aidant ainsi les entreprises à anticiper les menaces et à mettre en œuvre des stratégies d’atténuation adaptées. En France, cette démarche s’aligne sur les normes ISO 31000:2018, le Code de commerce et les directives de l’Autorité des marchés financiers (AMF). En quoi l’ERM diffère-t-il de la gestion traditionnelle des risques ? + La gestion traditionnelle des risques se concentre souvent sur des risques spécifiques, traités de manière isolée. À l’inverse, l’ERM adopte une approche intégrée et transversale, couvrant les risques stratégiques, opérationnels, financiers et réglementaires. Il définit un appétit pour le risque, renforce la culture du risque au sein de l’organisation et intègre cette gestion dans toutes les décisions clés de l’entreprise. Pourquoi l’ERM est-il important pour les organisations aujourd’hui ? + L’ERM constitue un levier stratégique pour anticiper les risques et saisir les opportunités. Il contribue à une planification plus agile, renforce la résilience organisationnelle et accroît la confiance des parties prenantes. En France, il permet également de répondre à des exigences réglementaires strictes telles que le RGPD ou la loi Sapin II sur la transparence et la lutte contre la corruption. Quels sont les éléments clés d’un cadre ERM efficace ? + Un cadre ERM performant repose sur plusieurs composantes fondamentales : Identification des risques : repérer les menaces et opportunités potentielles. Évaluation des risques : analyser leur probabilité et leur impact. Réponse aux risques : définir et mettre en œuvre des stratégies d’atténuation, de transfert ou d’évitement. Suivi et reporting : mesurer l’efficacité des actions et ajuster les plans en continu. Protiviti France s’appuie sur les principes du COSO ERM et adapte ses solutions aux spécificités locales et sectorielles de chaque organisation. Comment Protiviti favorise l’amélioration continue des processus ERM? + Protiviti France améliore les dispositifs ERM grâce à : des évaluations régulières des cadres de gestion des risques, l’exploitation de l’analytique de données, et des programmes de formation destinés à renforcer la culture du risque. En s’alignant sur les normes de l’AMF, du RGPD et de la loi Sapin II, Protiviti garantit que l’ERM évolue en cohérence avec les objectifs stratégiques et les exigences réglementaires de ses clients. Quels secteurs en France bénéficient le plus de l’ERM? + Les secteurs les plus concernés sont ceux soumis à des contraintes réglementaires élevées ou à des risques multiples, tels que : les services financiers, la santé, l’énergie, l’industrie, et le secteur public. Ces organisations utilisent l’ERM pour renforcer leur conformité, améliorer leur résilience et optimiser leurs performances dans un environnement en constante évolution.
