At the center of ERM is the implementation of the model control life cycle. There are four components:
- Analyze and determine the key risks to which an entity is exposed,
- Design and implement models to estimate the impact of the risks,
- Simulate and aggregate and allocate results to quantify the capital impact of the risks, and
- Evaluate, report, and determine the strengths and weaknesses of the models. Once these steps are complete, you return to step 1 to determine how to improve the models or how to add another risk to the existing set of models.
So, as you continue to pursue your career in enterprise risk management, you will ﬁnd that multiple skills are required to implement and maintain the ERM model life cycle. The ﬁrst is to have the ability to examine an entity such as a company, line of business or a country and determine various risks to which that entity is exposed. This risk assessment skill is central to step one above. Also, using risk assessments, you will determine which risks will be in or out of scope for that specific model cycle.
After determining which risks are in scope, the second skill you develop is the ability to design and implement the models to estimate the impact of these risks, which meets step two of the life cycle. The ﬁnal skill emphasized in this blog is the ability to use the models to simulate and aggregate the results, which corresponds to step three.