ABSTRACT

In the hierarchy of risk management types, the enterprise risk management (ERM) must always overrule both Task Risk Management and project Risk Management in order to ensure fulfilment of the principal objectives. Increasing the market share becomes a goal in itself and the risk management is about increasing the probability to achieve the goal. The risk management process is, nevertheless, in line with ISO 31000. Based on the ambition level, risk appetite and strategic considerations the enterprise decides on its strategic objectives. The risk appetite expresses the amount of risk the enterprise intends to take in pursuing value creating opportunities. Running a business involves taking risks, thus the risk appetite is about risk/reward considerations. ERM is about managing all of the organization’s risks related to its activities in the value chain, and in order to ensure completeness, the risks could be sorted in risk themes covering all activities in the whole value chain.