Discussion: Enterprise Risk Management in Organizations Paper

Discussion: Enterprise Risk Management in Organizations Paper ORDER NOW FOR CUSTOMIZED AND ORIGINAL ESSAY PAPERS ON Discussion: Enterprise Risk Management in Organizations Paper Risk management is one of the most important components in empowering an organization to achieve its ultimate vision. With proper risk management culture and knowledge, team members will be “speaking” the same language, and they will leverage common analytical abilities to identify and mitigate potential risks as well as exploit opportunities in a timely fashion. In order to consolidate efforts, the existence of an integrated framework is crucial. Discussion: Enterprise Risk Management in Organizations Paper This is why an ERM is necessary to the fulfillment of any organization’s goals and objectives. In your final research project for the course, your task is to write a 7-10 page paper discussing the following concepts: Introduction – What is an ERM? Why Should an Organization Implement an ERM Application? What are some Key Challenges and Solutions to Implementing an ERM? What is Important for an Effective ERM? Discuss at least one real organization that has been effective with implementing an ERM framework/application. Conclusion – Final thoughts/future research/recommendation The paper needs to be approximately 7-10 pages long, including both a title page and a references page (for a total of 9-12 pages). Be sure to use proper APA formatting and citations to avoid plagiarism. Your paper should meet the following requirements: Be approximately seven to ten pages in length, not including the required cover page and reference page. Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion. Support your answers with the readings from the course, the course textbook, and at least FIVE scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find supplemental resources. Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing. Discussion: Enterprise Risk Management in Organizations Paper development_of_an_enterprise_risk_inventory_for_healthcare.pdf Etges et al. BMC Health Services Research (2018) 18:578 https://doi.org/10.1186/s12913-018-3400-7 RESEARCH ARTICLE Open Access Development of an enterprise risk inventory for healthcare Ana Paula Beck da Silva Etges1,2,3*, Veronique Grenon4,6, Ming Lu4, Ricardo Bertoglio Cardoso3, Joana Siqueira de Souza3, Francisco José Kliemann Neto3 and Elaine Aparecida Felix5 Abstract Background: The first phase of an enterprise risk management (ERM) program is the identification of risks. Accurate identification is essential to a proactive and effective ERM function. The authors identified a lack of such risk identification in the literature and in practical cases when interviewing the chief risk officers from healthcare organizations. A risk inventory specific to healthcare organizations that includes detailed risk scenarios and risk impacts currently does not exist. Thus, the objective of this research is to develop an enterprise risk inventory for healthcare organizations to create a common understanding of how each type of risk impacts a healthcare organization. Method: ERM guidelines and data from 15 interviews with chief risk officers were analyzed to create the risk inventory. The identified risks were confirmed through a survey of risk managers from a range of global healthcare organizations during the ASHRM conference in 2017. Descriptive statistics were developed and cluster analysis was performed using the survey results. Results: The risk inventory includes 28 risks and their specific risk scenarios. Cyberattack was ranked as the principal risk by the participants, followed by sentinel events and risks associated with human capital management (organizational culture, use of electronic medical records and physician wellness). The data analysis showed that the specific characteristics of the survey participants, such as the length of time working in risk management, the size of the organization, and the presence of a school of medicine, do not impact an individual’s opinion of the importance of the risks identified. A personal background in risk management (clinical or enterprise) was a characteristic that showed a small difference in the perceived importance of the risks from the proposed risk inventory. Conclusions: In addition to defining specific risk scenarios, the enterprise risk inventory presented in this research can contribute to guiding the risk identification phase of an ERM program and thereby support the development of a risk culture. Patient data security in hospitals that operate with high levels of technology is fundamental to delivering high quality and safe care to patients. At the top of the risk ranking, the identification of cyberattacks reflects the importance that healthcare risk managers place on this risk by allocating time and other resources. Exploring opportunities to improve cyber risk management and evaluating the benefits of using the risk inventory at the beginning of the risk identification phase in an ERM program are suggestions for future studies. Keywords: Enterprise risk management, Healthcare management, Risk inventory, Healthcare, Risk identification, Risk analysis * Correspondence: [email protected] 1 School of Technology, PUCRS, Avenida Ipiranga, 6681, Porto Alegre 90619-900, Brazil 2 National Health Technology Assessment Institute, CNPq, Porto Alegre, RS, Brazil Full list of author information is available at the end of the article © The Author(s). 2018 Open Access This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The Creative Commons Public Domain Dedication waiver (http://creativecommons.org/publicdomain/zero/1.0/) applies to the data made available in this article, unless otherwise stated. Etges et al. BMC Health Services Research (2018) 18:578 Background Enterprise risk management (ERM) programs have been implemented in organizations across various industries with the aim of minimizing the negative effects of uncertainty in achieving corporate objectives while at the same time promoting its potential positive effects [1, 2]. Discussion: Enterprise Risk Management in Organizations Paper As stated in the most recent guidelines, ERM programs facilitate strategy selection. Choosing a strategy calls for a structured decision-making process that analyzes risks and aligns an organization’s resources with its mission and vision [3]. In the healthcare industry, the ERM process has been explored by risk managers to improve the organizational value creation process and develop a safer environment [4, 5]. ERM guidelines, including ISO 31000 [6, 7] and COSO [3, 8], outline an ERM process that includes several common phases: identification, analysis, assessment, monitoring and control. Adequately performing the first phase, risk identification, is a requirement to build a proactive and effective ERM process [9, 10]. In the same way that Cox’s (2008) [11] research explores how risk matrices can be used in the ERM process during the risk analysis phase, this research takes a deep dive in the risk identification phase. The ability to identify and define risks correctly is indispensable to subsequently enable the effective use of risk analysis tools [10, 12]. The risk identification process needs to be proactive, to involve multiple employees, and to create value for and protect the organization [13, 14]. In previous research that explored how ERM is conducted in healthcare organizations, it was established that the guidelines that currently exist are not practical because they only include a list of risk domains [12]. The development of an enterprise risk inventory that includes specific risk events, details of the risk scenarios and descriptions of how each risk impacts the organization was identified as a gap for healthcare organizations. The guidelines by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) were the first to define risk factors by industry, but they do not explore risk events in detail. In 2014, the American Society of Healthcare Risk Management (ASHRM) proposed risk domains for healthcare organizations, but again, risk events and scenarios are not described in detail [15]. Other institutions, such as Healthcare Insurance Reciprocal of Canada (HIROC) [16] and the National Health Service in England (NHS) [17] have developed risk taxonomies that include clinical risks and enterprise risks. In 2014, AON Corporation published the Healthcare Industry Report [18] based on collaborative research with various healthcare organizations that proposed ten common healthcare risks: regulatory/legislative changes; failure to attract or retain top talent; economic slowdown/slow recovery; increasing competition; Page 2 of 16 damage to reputation/brand; failure to innovate/meet customer needs; lack of technology infrastructure to support business needs; political risk/uncertainties; workforce shortages; and cash flow/liquidity. Unfortunately, and similar to other existing guidelines, this report does not define each risk in sufficient detail for multiple individuals in an organization to have a common understanding of the risks the organization faces. This means that every healthcare organization must develop its own enterprise risk identification process. The authors previously interviewed 15 hospital risk officers from Brazil and the USA and presented a novel model for healthcare risk management, the Economic Enterprise Risk Management innovation program for healthcare: E2RMhealthcare [19]. This previous research identified qualitative differences in individual risk perception capabilities among risk managers from large and small hospitals based on personal background and whether the hospitals were associated with a school of medicine. To complement the published model, the authors reviewed the data again and conducted a new survey in order to develop an enterprise risk inventory for use at the beginning of the risk identification phase. Discussion: Enterprise Risk Management in Organizations Paper Thus, the main objective of this paper is to develop an enterprise risk inventory for healthcare organizations in order to create a common understanding of how each type of risk impacts a healthcare organization. Additionally, it aims to determine whether the length of time working with ERM, the number of employees at the hospital and the presence of a school of medicine impact the perceived importance of the enterprise risks identified. Methods This study can be classified as exploratory, as it analyzes the literature and data collected from interviews to increase the knowledge about ERM [20]. Thus, a survey was constructed and administered, data from the survey responses were collected, and a quantitative analysis was performed. Figure 1 illustrates the three phases: survey development, survey application and data analysis. Survey development To construct the survey, two steps were taken. First, data from 15 interviews with risk professionals from various healthcare organizations in Brazil (7) and the United States (8) were analyzed. Hospitals in Brazil were identified using a list from the magazine America Economia (2014) as “the best hospitals in Latin America”. JCI-accredited hospitals and hospitals with risk management teams in their management structure were selected and contacted. US hospitals with national quality accreditations as well as established risk management teams were also contacted. Data from a ninth US hospital, Etges et al. BMC Health Services Research (2018) 18:578 Page 3 of 16 Fig. 1 Research methods however, were not included due to incompleteness, which prevented comparisons. The resulting sample was heterogeneous, as it included data from different types of organizations: private and public hospitals, academic and non-academic hospitals, and a range of sizes. The main characteristics of the healthcare organizations interviewed are presented in Additional file 1. Second, the content of the guidelines developed by COSO (2007) [8], ASHRM (2014) [15], HIROC (2014) [16], NHS (2008) [17] and AON (2014) [18] were assessed, as they were mentioned by the interviewees as being important to the creation of their ERM programs. The software NVIVO was used to analyze the combined content of the interviews and guidelines. The researchers used the software to identify the risks listed by the interviewees to develop a first enterprise risk inventory list based on repetition of the risks by the interviewees and the literature. In sequence, two external risk management consultants, one Brazilian and the other from USA, both of whom had more than 10 years of experience in healthcare risk management, discussed the risk inventory with the two first authors of this study. The inventory was agreed upon by the authors, including the name of the risk, the concept that it described, and a detailed risk scenario. The risk scenarios considered real examples that occurred in recent years in hospitals throughout the world that were shared on global media. Subsequently, the survey was built using the Qualtrics platform. The survey was made available online, and the participants were asked to choose if they strongly agree, somewhat agree, neither disagree nor agree, somewhat disagree or strongly disagree when asked about the importance of each risk identified. The complete questionnaire can be found in Additional file 2 through an online link. Survey application A stratified approach was used to calculate the minimum number of surveys that needed to be completed. Two variables for stratification were defined: length of time working in risk management and type of risk management (clinical or enterprise). Discussion: Enterprise Risk Management in Organizations Paper These variables were selected based on the results presented by Etges et al. in previous research [19]. The 15 interviews were analyzed to develop an ERM model oriented toward healthcare Etges et al. BMC Health Services Research (2018) 18:578 Page 4 of 16 organizations. The model also presented the differences between clinical and enterprise managers and those related to length of working time in risk management. For each stratum variable, two classes were identified: (stratum 1) number of years working in risk management – less than 7 years and more than 7 years; and (stratum 2) type – clinical risk management and enterprise risk management. The total number of strata is therefore four. To calculate the minimum number of questionnaires per group, a normal distribution was used. The formula to calculate the number of questionnaires per group is defined in eq. 1: n ¼ Z 2? 2 CV 2 ER2 ð1Þ Z 2? = significance level to be applied in the estimation; 2 CV2 = coefficient of variation; ER2 = the permissible relative error, that is, the percentage error in the estimate that we were willing to accept. Assuming a significance level of 5%, Z 2? ¼ 1:96, with a 2 moderate CV and a low ER, we calculated 16 completed surveys per group and a total of 64 completed surveys for the four groups combined. In October 2017, the American Society of Healthcare Risk Management’s annual conference took place in Seattle. The survey was distributed at the conference during ERM workshops and at the exhibit hall, where only people participating in the conference had access. In parallel, emails were sent to various healthcare risk professionals in Brazil and United States who worked at tertiary hospitals and occupied a risk management position. The survey was open from October 10, 2017 to January 5, 2018. Data analysis The survey data were extracted from Qualtrics and analyzed using SPSS and Microsoft Excel software. The descriptive statistical analysis was used to create a risk ranking and analyze differences between the strata. The risk ranking was first analyzed based on the Likert scale. The second, third and fourth analyses utilized a binary reference. The answers “strongly agree” and “somewhat agree” were classified as agreeing that the risk is an important enterprise risk in the healthcare industry. The answers “strongly disagree”, “somewhat disagree” and “neither agree nor disagree” were classified as not agreeing that the risk is an important enterprise risk in the healthcare industry. The second analysis combined different sample strata (time working in risk management and type of risk management background, clinical or enterprise). The third analysis compared the survey results between participants who worked in organizations with more than 1000 employees to those who worked in organizations with fewer than 1000 employees. Discussion: Enterprise Risk Management in Organizations Paper The fourth analysis compared the participants’ opinions from organizations with and without a school of medicine. Cluster analysis was performed to allocate the risk professionals to groups based on their answers regarding the perceived importance of each risk. The cluster classification was performed in the software SPSS in two steps following Favero et al. (2009) [21]. First, the hierarchical algorithm nearest neighbor was applied to the data, which enabled the number of clusters to be defined through an analysis of the resulting dendrogram. Second, based on the number of clusters previously defined, the non-hierarchical algorithm K-means was used to establish the members of each cluster. The nearest neighbor algorithm used the Euclidian distance as the distance measure, while the K-means algorithm used the square of the Euclidean distance. Additionally, the K-means algorithm was configured to (i) use random seeds when defining the initial centroids, and (ii) repeat the analysis 100 times and return the most frequent result. Results The results are presented below. First, the development of the survey and the risk inventory are explained. Second, the survey application is described, and finally, the data from the survey responses are analyzed and discussed. Survey development: risks and origin Twenty-eight risks were selected for inclusion in the risk inventory. Table 1 below shows the risks that were identified for each guideline. Five additional risks were added: disputes with insurance companies regarding reimbursements; security – active shooter; financial batch claim emanating from reimbursement reforms; use of social communication networks; and union strikes. A document that includes risk descriptions, risk scenarios, and risk impacts was developed to constitute the healthcare enterprise risk inventory. One of the objectives of the inventory was for the interviewees to have a common understanding of each risk so that meaningful results and comparisons could be obtained. Another objective of the risk inventory was to educate risk managers and other interested professionals. Discussion: Enterprise Risk Management in Organizations Paper The complete risk inventory is presented in Additional file 3 through an online link. One concern that was raised in the interviews with the risk managers related to the lack of a common definition of a defined risk. The ERM guidelines currently in place do not offer sufficiently detailed definitions to allow for proper comparisons. For example, regarding the risk of fraud, stealing money from Medicare is fraud, but taking Etges et al. BMC Health Services Research (2018) 18:578 Page 5 of 16 Table 1 Risk inventory origin # Risks Guideline and participants COSO ASHRM HIROC NHS 1 Board governance – poor communication or lack of direction x x x x 2 Business Interruption Due to Natural Catastrophe x x x 3 Clinical batch claim x x 4 Conflicts due to organizational hierarchy x 5 Cyber security x 6 Deficiency in development of technology and innovation x 7 Dependence on insurance companies 8 Dispute with insurance companies on reimbursements 9 Electronic Health Record (EHR) 10 Environment Protection Agency or similar 11 External media communication 12 Financial batch claim emanating from reimbursement reform 13 Fraud committed by a provider AON Participants x x x x x x x x x x x x x x x x x x x x x x x x 14 Government instability 15 Loss of accreditation 16 Non-compliance with laws and regulations 17 Loss of Occupational Safety and Healthcare Administration (OSHA in USA) 18 Organizational culture 19 Physician wellness 20 Relation between the School of Medicine or Residency program and hospital 21 Active Shooter 22 Sentinel events x x 23 Supply chain x x 24 Talent retention 25 Terrorism x x x x x x x x x x x x x x x x x x x x x x x x x 26 Unethical conduct 27 Union strike x 28 Use of social communication networks x a photograph of a medical record is also fraud. With no explicit definition, individuals may think of the risk of fraud in different ways. Discussion: Enterprise Risk Management in Organizations Paper A large organization must create a taxonomy to develop a common understanding of identified risks. The risk inventory created should help guide risk managers and other users from different levels, backgrounds, positions, and locations. In addition, if different organizations use the same inventory, it will be possible to develop risk benchmarks around the business aspects of healthcare. Another new element that the risk inventory provides is the association of each risk with the dimension that the risk impacts. The dimensions used are the patient, for risks that impact the patient’s care or the patient’s family; financial, for risks that impact the organization’s finances; legal or regulatory, for risks that are associated with lawsuits or regulations; reputation, for risks that x x x x can impact the hospital’s image; and social, for risks that can affect the region around the hospital or a large number of people. Finally, the risks are categorized by group using the ASHRM domains and COSO factors as guidelines. The groups are … Get a 10 % discount on an order above $ 100 Use the following coupon code : NURSING10

Struggling to find relevant content? Order a custom essay on
Discussion: Enterprise Risk Management in Organizations Paper
Let our experts save you the hassle
Order Now
Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
Sign up, place your order, and leave the rest to our professional paper writers in less than 2 minutes.
step 1
Upload assignment instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
s
Get personalized services with GPA Fix
One writer for all your papers
You can select one writer for all your papers. This option enhances the consistency in the quality of your assignments. Select your preferred writer from the list of writers who have handledf your previous assignments
Same paper from different writers
Are you ordering the same assignment for a friend? You can get the same paper from different writers. The goal is to produce 100% unique and original papers
Copy of sources used
Our homework writers will provide you with copies of sources used on your request. Just add the option when plaing your order
What our partners say about us
We appreciate every review and are always looking for ways to grow. See what other students think about our do my paper service.
Nursing
Thank you to the writer and also thank you to the support team I got an A for the paper
Customer 452635, June 17th, 2022
Medicine
Great job! Thank you.
Customer 452707, May 29th, 2022
Other
GOOD
Customer 452813, July 5th, 2022
Computer science
extremely happy with the service, again! You guys are the best.
Customer 452715, July 27th, 2022
Criminal Justice
Excellent Work!!!
Customer 452587, March 10th, 2022
Nursing
Did not receive paper on time.
Customer 452693, November 9th, 2022
Medicine
This has everything that was in the rubric. Thank you!
Customer 452707, May 29th, 2022
Nursing
Thank you for the great job and timely delivery.
Customer 452457, December 18th, 2020
Nursing
Thank you for the outstanding work .
Customer 452635, June 5th, 2022
Business and administrative studies
GOOD
Customer 452813, June 30th, 2022
IT, Web
Did an excellent job with the body of the paper and staying on the topic.
Customer 452885, October 27th, 2022
Criminal law
Thank You!
Customer 452465, January 29th, 2021
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat
error: Content is protected !!

Save More. Score Better. Use coupon code SPECIAL for a 15%discount