Enterprise Risk Management: Empirical foundations, governance integration, and future directions for ERM research

Journal title: FINANCIAL REPORTING
Authors/Editors: Mark Beasley, Don Pagach
Publication year: 2026 Issue: 2026/1
Language: English Number of pages: 18 Pp. 5-22 File size: 235 KB
DOI 10.3280/fr202622593

Academic research has played an important role in examining the Enterprise Risk Management (ERM) process and thinking about its organizational implications and value. Collectively, this literature reframes ERM as an organizational capability whose effectiveness depends on engagement from board and C-suite leadership, integration of governance activities overseeing both strategic direction and management’s risk-taking, and alignment of risks with strategic incentives. The need for ERM has grown to become a defining element of modern corporate governance, reflecting organizations’ need to manage increasingly complex strategic, operational, financial, and compliance risks that are increasingly present and rapidly evolving in today’s global business environment. Whereas traditional risk management focuses primarily on insurable and financial risks within siloed, functional areas, ERM represents an enterprise-wide approach linking risk identification, assessment, and response to strategic objectives and performance outcomes (COSO 2017). We believe that advances in financial regulations, especially in Europe, provide an opportunity to create a forward-looking research agenda centered on better understanding the dynamics and practices of establishing an appropriate risk culture, risk appetite and risk management disclosure credibility - three mechanisms that increasingly define ERM effectiveness yet remain underexplored in accounting research.

Keywords: Enterprise Risk Management, risk governance, risk appetite, risk culture

JEL codes: G32, G34, M10, M14

  1. Aabo, T., Fraser, J. R. S., & Simkins, B. J. (2005). The rise and evolution of the chief risk officer: Enterprise Risk Management at Hydro One. Journal of Applied Corporate Finance, 17, 62-75.
  2. Acomo Group (2025). Acomo: 2025 Annual Report. Retrieved from https://www.acomo.com/.
  3. Arena, M., Arnaboldi, M., & Azzone, G. (2010). The organizational dynamics of Enterprise Risk Management. Accounting, Organizations and Society, 35(7), 659-675.
  4. Arena, M., Arnaboldi, M., & Palermo, T. (2017). The dynamics of (dis)integrated risk management: A comparative field study. Accounting, Organizations and Society, 62, 65-81.
  5. AS/NZS (2004). Risk Management Standard AS/NZS 4360: 2004: Standards Australia/Standards New Zealand.
  6. Baker, M., & Wurgler, J. (2011). Behavioral corporate finance: An updated survey. In: Handbook of the Economics of Finance (Vol. 2, pp. 357-424), Elsevier.
  7. Baxter, R., Bedard, J. C., Hoitash, R., & Yezegel, A. (2013). Enterprise risk management program quality: determinants, value relevance, and the financial crisis. Contemporary Accounting Research, 30(4), 1264-1295.
  8. Beasley, M. S., Branson, B., & Pagach, D. (2015). An analysis of the maturity and strategic impact of investments in enterprise risk management. Journal of Accounting and Public Policy, 33(4), 334-349.
  9. Beasley, M. S., Branson, B., & Pagach, D. (2023). Improving disclosures about management of ever-evolving risks. Controlling. DOI: 10.15358/0935-0381-2023-S-20
  10. Beasley, M. S., Branson, B., & Pagach, D. (2023). An evolving risk landscape: Insights from a decade of surveys of executives and risk professionals. Journal of Risk and Financial Management, 16(1), 29.
  11. Beasley, M. S., Branson, B., Braumann, E., & Pagach, D. (2023). Understanding the ecosystem of enterprise risk management governance. The Accounting Review, 97(4), 1-32. DOI: 10.2308/TAR-2020-0488
  12. Beasley, M. S., Branson, B., Pagach, D., & Panfilo, S. (2020). Are required SEC proxy disclosures about the board’s role in risk oversight substantive?. Journal of Accounting and Public Policy, 40, 106816.
  13. Beasley, M. S., Clune, R., & Hermanson, D. R. (2005). Enterprise risk management: An empirical analysis of factors associated with the extent of implementation. Accounting Horizons, 19(3), 157-177.
  14. Beasley, M. S., Pagach, D., & Warr, R. (2008). Information conveyed in hiring announcements of senior executives overseeing enterprise-wide risk management processes. Journal of Accounting, Auditing & Finance, 23(3), 311-332. DOI: 10.1177/0148558X0802300303
  15. Braumann, E. C. (2018). Analyzing the Role of Risk Awareness in Enterprise Risk Management. Journal of Management Accounting Research, 30(2), 241-268.
  16. Braumann, E. C., Grabner, I., & Posch, A. (2020). Tone from the top in risk management: A complementarity perspective on how control systems influence risk awareness. Accounting, Organizations and Society, 84, 101128.
  17. Crovini, C., Giunta, F., Nielsen, C., & Simoni, L. (2024). Market valuation of risk reporting: The role of business model disclosure. Abacus,
  18. CAS (2003). Overview of Enterprise Risk Management. Retrieved from http://www.casact.org/area/erm/overview.pdf.
  19. COSO (2004). Enterprise Risk Management – Integrated Framework. Committee of Sponsoring Organizations of the Treadway Commission.
  20. COSO (2017). Enterprise Risk Management - Integrating with Strategy and Performance. COSO. Available at https://www.coso.org/Pages/erm.aspx.
  21. Desender, K. (2011). On the Determinants of Enterprise Risk Management Implementation. In Nan Si Shi & Gilbert Silvius (Eds.), Enterprise IT Governance, Business Value and Performance Measurement. IGI Global. Available at SSRN: https://ssrn.com/abstract=1025982.
  22. European Commission (2023). Commission Delegated Regulation (EU) 2023/2772 of 31 July 2023 supplementing Directive 2013/34/EU of the European Parliament and of the Council as regards sustainability reporting standards (European Sustainability Reporting Standards – ESRS 1 General Requirements). Official Journal of the European Union. https://eur-lex.europa.eu/eli/reg_del/2023/2772/oj.
  23. Ferrari (2022). Ferrari N.V.: 2022 Annual Report. Retrieved from https://www.ferrari.com/.
  24. Financial Reporting Council (FRC). UK Corporate Governance Code (September 2012).
  25. Florio, C., & Leoni, G. (2017). Enterprise risk management and firm performance: The Italian case. British Accounting Review, 49(1), 56-74.
  26. Gates, S., & Hexter, E. (2005). From risk management to risk strategy. New York: The Conference Board, Inc.
  27. Gordon, L. A., Loeb, M. P., & Tseng, C. Y. (2009). Enterprise risk management and firm performance: A contingency perspective. Journal of Accounting and Public Policy, 28(4), 301-327.
  28. Heinle, M., & Smith, K. (2017). A theory of risk disclosure. Review of Accounting Studies, 22(4), 1459-1491.
  29. Hope, O.-K., Hu, D., & Lu, H. (2016). The benefits of specific risk-factor disclosures. The Accounting Review, 91(4), 1005-1034.
  30. ISO (2009). 31000-Risk Management. Geneva, Switzerland: International Organization for Standardization.
  31. Liebenberg, A. P., & Hoyt, R. E. (2003). The determinants of enterprise risk management: evidence from the appointment of chief risk officers. Risk Management and Insurance Review, 6, 37-52.
  32. Lin, Y., Wen, M., & Yu, J. (2012). Enterprise Risk Management. North American Actuarial Journal, 16(1), 1-28. DOI: 10.1080/10920277.2012.10590630
  33. Lundqvist, S. A. (2015). Why firms implement risk governance – Stepping beyond traditional risk management to enterprise risk management. Journal of Accounting and Public Policy, 34, 441-466.
  34. McShane, M. K., Nair, A., & Rustambekov, E. (2011). Does Enterprise Risk Management Increase Firm Value?. Journal of Accounting, Auditing and Finance, 26, 641-658. DOI: 10.1177/0148558X11409160
  35. Miccolis, J., & Shah, S. (2000). Enterprise Risk Management: An Analytic Approach. Tillinghast: Tower Perrin.
  36. Monitoring Committee Corporate Governance Code (2025). The revised Dutch Corporate Governance Code. Retrieved from https://www.mccg.nl/english.
  37. Nocco, B. W., & Stulz, R. M. (2006). Enterprise Risk Management: Theory and Practice. Journal of Applied Corporate Finance, 18, 8-20.
  38. Paape, L., & Speklé, R. F. (2012). The adoption and design of Enterprise Risk Management Practices: An empirical study. European Accounting Review, 21, 533-564. DOI: 10.1080/09638180.2012.661937
  39. Pagach, D. (2026). The Disclosure of Risk Appetite. Working paper, NC State University.
  40. Pagach, D., & Warr, R. (2011). The characteristics of firms that hire chief risk officers. Journal of Risk and Insurance, 78(1), 185-211.
  41. Pagach, D., & Warr, R. (2015). The effects of enterprise risk management on firm performance. In The Routledge Companion on Strategic Risk Management. Routledge.
  42. Power, M. (2007). Organized Uncertainty: Designing a World of Risk Management. Oxford: Oxford University Press.
  43. Power, M. (2009). The risk management of nothing. Accounting, Organizations and Society, 34(6-7), 849-855.
  44. Securities and Exchange Commission (2009). Proxy Disclosure Enhancements (Release Nos. 33-9089; 34-61175; IC-29092; File No. S7-13-09). http://www.sec.gov/rules/final/2009/33-9089.pdf.
  45. Securities and Exchange Commission (2023). Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (Release Nos. 33-11216; 34-97989; File No. S7-09-22). https://www.sec.gov/rules-regulations/2023/07/s7-09-22.
  46. Securities and Exchange Commission (2024). The Enhancement and Standardization of Climate-Related Disclosures for Investors (Release Nos. 33-11275; 34-99678; File No. S7-10-22). https://www.sec.gov/rules-regulations/2024/03/s7-10-22.
  47. Stulz, R. (2016). Risk management, governance, culture, and risk taking in banks. Economic Policy Review, Aug, 43-60.

Mark Beasley, Don Pagach, Enterprise Risk Management: Empirical foundations, governance integration, and future directions for ERM research in "FINANCIAL REPORTING" 1/2026, pp 5-22, DOI: 10.3280/fr202622593