ABSTRACT
This chapter explains the concept of integrated risk management, also known as strategic risk management or enterprise risk management (ERM). Underlying all of these approaches is a desire to manage risks consistently across the organisation, in line with the organisation’s overall strategy. However, in the review of empirical evidence that follows, it becomes clear that actually implementing such an integrated approach to risk management is very difficult in practice. The bulk of the chapter consists of a critique of one specific approach to integrated risk management, as documented in ISO 31000. The chapter concludes with a brief discussion of the concepts of risk displacement and risk compensation.
