RIMS launches online ERM assessment model

The Risk and Insurance Management Society, Inc. (RIMS) has launched a new Risk Maturity Model for Enterprise Risk Management (ERM), an online resource that provides guidelines and best practices for developing and maintaining a comprehensive risk management program.
The Risk Maturity Model uses standardized criteria by which organizations can evaluate and improve their approach to enterprise risk management.
In addition to publishing the reference guide, the Risk Maturity Model features a real-time benchmarking exercise that allows executives to score key characteristics of their risk management programs and generate a personalized maturity assessment.
“The RIMS Risk Maturity Model for Enterprise Risk Management is a ground-breaking, sophisticated educational and reference tool that delivers a much needed barometer for the risk management community, as well as CEOs, COOs, CIOs, compliance, internal audit and other functions with risk management responsibilities,” says John Phelps, a member of RIMS’ board of directors and the director of risk management for Blue Cross and Blue Shield of Florida Inc.
“The tool empowers organizations with the ability to evaluate risk culture competency, identify gaps and determine areas for improvement. In addition, it provides measures to help advance their programs and align them with ERM best practices. Eventually business leaders will be able to benchmark program maturity according to function, industry and company size.”
The Risk Maturity Model is based on the Capability Maturity Model, a methodology developed in the 1980s by Carnegie Mellon University’s Software Engineering Institute (SEI).
Originally, the model was used to advance software engineering methodologies and processes. Since then, the theory behind the Maturity Model has been applied to other corporate operations, such as supply chain and people management, and embraced by numerous organizations within the technology, finance and defense industries.
The RIMS Risk Maturity Model presents a five-level progression for program maturity, from “non-existent” to “leadership.” Aiding in this assessment, the model uses variables such as ERM process management, risk appetite management, uncovering risks, as well as business resiliency and sustainability.
According to Steven Minsky, CEO of LogicManager, Inc. and co-developer of the RIMS Risk Maturity Model, a unique feature of the RIMS Risk Maturity Model is its applicability regardless of the specialized frameworks and standards an organization is using. The model is compatible with the Australian/New Zealand Risk Standard, COSO ERM, COBIT 4.0, Standard & Poor’s ERM, Sarbanes-Oxley and any other framework that an organization may use as the basis for its ERM program.