Building an EERM Toolkit.

AuthorKinsella, Dan
PositionFOREFRONT - Extended enterprise risk management

More enterprises are waking up to the importance of extended enterprise risk management (EERM)--the process of identifying and managing risks that come to the organization through third parties, vendors and other external sources. As the use of cloud services and other third parties continues to grow, EERM program maturity is becoming increasingly important to mitigate risks, safeguard compliance and drive business value and efficiency in the process. A Deloitte poll revealed that the majority of respondents (70%) indicated a moderate to high level of dependency on external entities that might include third, fourth or fifth parties, with nearly half (47%) of respondents saying that their organizations had experienced some sort of risk incident involving the use of external entities in the last three years.

While it is no surprise that the C-suite and board are seeing more clearly the importance of developing a mature EERM program, the path to program maturity can still be challenging. In 2018, a Deloitte Touche Tohmatsu Limited global survey on EERM revealed that only one in five responding executives say their organization has an integrated or optimized EERM program. While integrated and optimized EERM mechanisms can improve the overall maturity of these programs, the apparent maturity lag suggests that, even if enterprise leaders are sold on the why, they may feel stuck on the how.

One way to address this problem is through the use of EERM tools--technology-driven systems, applications, controls, programs and methodologies that can help enterprises achieve program maturity. By using these tools, organizations are shifting the focus from claw-back recovery efforts to ongoing, pre-invoice validation to prevent problems from occurring in the first place. Organizations that effectively utilize EERM tools stand to gain the biggest ROI from greater efficiency, better compliance and fewer risks from reputation damage, regulatory missteps, consumer backlash and cyberattacks.


As third-party ecosystems grow, more effectively managing the associated risks can help organizations gain competitive advantage. A recent Deloitte white paper estimates those organizations that have a good handle on their third-party business partners can outperform their peers by an additional 4% to 5% in terms of growth to their bottom line.

An EERM tool is essentially a practical lens that focuses on a specific workflow or particular piece of...

To continue reading

Request your trial

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT