Traditional risk management is no longer sufficient to sustain organizational success in an environment of transforming health care delivery and payment. Enterprise Risk Management (ERM) provides a comprehensive, holistic approach that can help hospitals, health systems and their boards better anticipate, recognize and address the many risks associated with the transformational changes occurring in the field.

ERM is a strategic business discipline that supports the identification, assessment and management of risks. Through an enterprise-wide approach, ERM can advance internal control of all relevant risk and improve an organization's ability to generate greater value from strategic and operational activities. However, to achieve these advantages, organizations must embed ERM elements into their culture and structure, and examine

the nature of the risks they face.

Traditional risk management chart

An ERM program can provide health care organizations with the support they need to manage uncertainty and focus on the issues critical for successful value creation. An ongoing and iterative process, ERM relies on an organization's ability to learn, collaborate, communicate and report. When successfully implemented, ERM can provide the health care organization with the information it needs to appropriately oversee and reduce risk for the organization and its stakeholders. Understanding the ERM framework and associated concepts will enable organizations to to benefit from applying ERM to risk oversight.

Below are key concepts in the ERM decision-making model that will help communicate important aspects of managing risk across the enterprise. 

ERM basics chart

This article was adapted from a resource developed by American Society for Healthcare Risk Management (ASHRM). The original resource is available in the Enterprise Risk Management (ERM) Resource Library on

The American Society for Healthcare Risk Management (ASHRM) is a professional membership group of the American Hospital Association, representing enterprise risk management, clinical, insurance, legal, patient safety and other related interests.