Enterprise Risk Management
A top-down approach to identifying, assessing, and managing all the risks an organization faces, from financial and operational to cyber and reputational. Frameworks like COSO ERM help boards set risk appetite and integrate risk thinking into strategy. Cyber risk increasingly gets managed inside ERM rather than as a separate IT concern.