[雙語翻譯]企業(yè)風險管理外文翻譯—企業(yè)風險管理提高了企業(yè)經(jīng)營績效嗎？（原文）

1、Does Enterprise risk management enhance operating performance?☆Carolyn Callahan a, Jared Soileau b,?a University of Louisville, School of Accountancy, College of Business Room 240, Louisville, KY 40292, United States b L

2、ouisiana State University, Department of Accounting, 2817 Business Education Complex, Baton Rouge, LA 70803, United Statesa b s t r a c t a r t i c l e i n f oArticle history:Received 3 August 2016Received in revised for

3、m 26 January 2017Accepted 27 January 2017Available online 7 March 2017JEL classifications:M40M41G32G34The Committee of Sponsoring Organizations (COSO) Enterprise Risk Management (ERM) framework (COSO-ERM) indicates that

4、the development of an enterprise-wide risk assessment and management process is de-signed to “provide reasonable assurance regarding the achievement of entity objectives.” We examine thisissue and hypothesize that firms

5、with mature ERM processes should achieve greater operational performancethan those with less mature risk management processes. This study relies on internal audit function managementsurvey responses matched with archival

6、 firm level data to gain a better understanding of the expected operatingperformance impact of the multi-stage ERM implementation process. After controlling for board governance andother known effects, we find that firms

7、 with higher levels of ERM process maturity are characterized by higheroperating performance than their industry peers utilizing performance metrics closely related to the earningsprocess. Our study provides support for

8、the linkage of enhanced operating performance associated with the ma-turity of ERM processes and suggests other potential areas of ERM research.© 2017 Elsevier Ltd. All rights reserved. Keywords:Enterprise risk mana

9、gementOperating performanceCorporate governance1. IntroductionFinancial and insurance industries have long understood the value ofquantitative analysis of operational information in estimating loan andclaim risk in busin

10、ess practices (e.g. granting loans, setting interestrates and premiums). Firms within the financial and insurance indus-tries have historically invested in processes and technologies to identifyand estimate risk exposure

11、. These processes use data analysis to assistwith monitoring risk exposures and maximize risk-based business deci-sions. Despite these investments, the banking industry, expected to be aleader in risk assessment and mana

12、gement practices, has had severalfirms experience major failures managing organizational risk. More spe-cifically, the reputation for bank risk-taking strategies has been criti-cized as a leading contributor to the recen

13、t Great Recession(December 2007 – June 20091). There also have been other notable ex-amples of operational practices having significant impacts on banks inrecent years. For example, Barings Bank (1995) and J.P. Morgan Ch

14、ase(2012) each allowed a single employee excessive authority to make ex-tremely risky equity trades. Although J.P. Morgan Chase was able to ab-sorb a $5.8 Billion loss2 (original estimates of losses were as high as $9Bil

15、lion3), Barings Bank was not able to survive the risky trades madeby Nick Leeson and was sold for £1. While not having a global economicimpact, several other major firms have experienced significant losses asa resul

16、t of gaps and failures within their risk management strategy andthe security of customer information.4In order to address the lack of a systematic enterprise-wide riskmanagement plan, in 2004, the Committee of Sponsoring

17、 Organizations(COSO) of the Treadway Commission created an Enterprise Risk Man-agement framework (COSO-ERM). COSO-ERM defines Enterprise RiskAdvances in Accounting 37 (2017) 122–139☆ This research is supported by The Ins

18、titute of Internal Auditors Research FoundationMichael J. Barrett Doctoral Dissertation Research Grant and the KPMG Foundation.Wethank the anonymous reviewers at the 2013 Management Accounting Section Meeting,Thomas Vanc

19、e, and Annette Mikes for their feedback and comments provided in priorversions of this research study.? Corresponding author.E-mail addresses: carolyn.callahan@louisville.edu (C. Callahan), jareds@lsu.edu(J. Soileau). 1

20、http://www.nber.org/cycles/sept2010.html2 http://www.bloomberg.com/news/2012-09-06/jpmorgan-said-to-face-escalating-senate-probe-into-cio-s-losses.html3 http://www.bloomberg.com/news/2012-06-28/jpmorgan-slips-on-report-o

21、f-trading-loss-widening-to-9-billion.html4 T.J. Maxx, Sony PlayStation and many other firms have realized the significance of lossthat may be associated with technological risk that hackers pose to customer data. Thegrou

22、nding of a significant portion of the Southwest Airlines fleet demonstrates the riskof compliance risk. The business impacts of environmental risk have been noted with Hur-ricane Katrina, Deepwater Horizon, and Hurricane

23、 Sandy to name just a few. Competitiverisk and technological changes have also lead to recent struggles for household namedfirms (e.g. Kodak, Kmart, and Blockbuster). Regulatory and political risks also create bur-dens f

24、or businesses.http://dx.doi.org/10.1016/j.adiac.2017.01.0010882-6110/© 2017 Elsevier Ltd. All rights reserved.Contents lists available at ScienceDirectAdvances in Accountingjournal homepage: www.elsevier.com/locate/

25、adiacfinancial and market valuation data from the Standard and Poor's (S strategic, oper-ational, reporting, and compliance risk.7 Detailed information relating torisks identified through the ERM process is used to a

26、ssess the level ofrisk within the firm. Once identified and assessed, the firm evaluatesthe assessed level of risk against its risk tolerance levels to determinethe appropriate risk response (avoid, accept, share, or mit

27、igate via con-trol procedures). Independent of the risk response selected, the firmshould continuously monitor and update the likelihood and impact ofthe risk as well as additional risks identified. Finally, for the ERM

28、processto be effective, sufficient communication of risks at the appropriate leveland throughout the entire firm is necessary.8 Antikarov (2012, p. 5)notes that “risk and opportunity are inseparable,” therefore eliminati

29、onof risk exposure is not a feasible strategy to value creation. As a result, “acompany must take on the right risks, retain and manage them” in orderto create value for shareholders.2.1. Benefits of implementing ERMImpl

30、ementing ERM requires a significant investment by firms; how-ever the operational benefits of decreased costs and increased revenuesare not always readily identifiable. Relying on the disclosure of appoint-ments of Chief

31、 Risk Officers (CRO) as a proxy for ERM adoption, Lam(2001) finds that firms are able to “reduce losses and earnings volatility”and improve return on capital and shareholder value by implementingERM. Also using CRO appoi

32、ntments as a proxy for the implementationof an ERM process, Pagach and Warr (2010) find that firms adoptingERM experience a reduction in the volatility of earnings but do notfind general support for ERM creating value ac

33、ross several additionalmeasures. Beasley et al. (2008) find that the market response to ERMadoption, as proxied by CRO appointment, is firm specific. Using theDelphi Survey methodology, Monda and Giorgino (2013) indicate

34、 thatERM is more than just appointing a CRO, and identify several other im-portant aspects of effective ERM processes including reporting indepen-dence of the risk management function, extent of risk managementresources,

35、 identification of ownership of risk, and definition and com-munication of roles.Tonello (2007) contends that an effective ERM implementation con-siders the consequences of downside risk (negative consequences ofevents)

36、and methods for mitigating or avoiding such risk, as well asidentification and analysis of upside risk frequently referred to as oppor-tunities. Tonello (2007) suggests that ERM attempts to balance (opti-mize) the threat

37、s and opportunities that may lead to cost reductionsthrough the increased integration of risk assessment and management.This would lead to more profitable investment decisions and a more ob-jective basis for resource all

38、ocation. These cost reductions and improvedinvestment decisions increase firm cash flows and can provide addition-al operational benefits.Consistent with this line of reasoning, Pagach and Warr (2010) andTonello (2007) s

39、uggest that benefits of balancing the entire set of firm7 The focus of the objectives relate to the following: Strategic is focused on support oflong-term goals and organizational mission; Operations consider efficiency

40、and effective-ness of business processes and use of resources; Reporting relates to the quality and avail-ability of both internal and external reporting; and Compliance is focused on observancewith laws, regulations, an

41、d firm policy. 8 Prior to COSO-ERM (2004), Simons (1999) identified three categories of internal pres-sures to consider in measuring organizational risk; growth, culture, and information man-agement. Two separate categor

42、ies within the Simons (1999) Risk Calculator, growth andculture are heavily related to the Internal Environment component of the COSO-ERM(2004) framework. Furthermore, Simons (1999) identifies the importance of interacti

43、vemonitoring and communication throughout the organizational structure as well as the im-portance of internal controls within the organization as key instruments in managing or-ganizational risk. Although Simons (1999) d

44、oes not specifically identify financial reportingand regulatory compliance as risk objectives, each is an important consideration in meet-ing operational and strategic objectives.124 C. Callahan, J. Soileau Advances in A