JIU/REP/2020/5 Enterprise risk management: approaches and uses in United Nations system organizations
Enterprise risk management (ERM) has its roots in the private sector and has value in all sectors, including United Nations system entities. United Nations system organizations are exposed to a myriad of risks while delivering on their mandates –– from fraud and corruption, reputational risks and cybercrime to risks of a political nature, natural and human-made disasters. In its resolution 61/245, the General Assembly endorsed the adoption of ERM in the United Nations system to enhance governance and oversight.
ERM is an organization-wide process of structured, integrated and systematic identification, analysis, evaluation, treatment and monitoring of risks towards the achievement of organizational objectives. It is fundamentally about managing uncertainty and can include both threats and opportunities.
The main objective of the present review is to inform legislative/governing bodies and the executive heads of United Nation system organizations about the progress made since the last review (JIU/REP/2010/4), the status of implementation, utilization and integration of ERM practices across all 28 JIU participating organizations, as well as to identify good practices and lessons learned to guide ongoing and future initiatives.
The review proposes 10 updated benchmarks and assesses the progress of ERM implementation against them. It makes four formal recommendations and 21 informal recommendations aimed at enhancing effective and integrated ERM for more proactive and better-informed decision-making and good governance.