INARM

In May 2008, Standard & Poor’s Ratings Services announced its intention to include enterprise risk management (ERM) assessments in ratings of nonfinancial companies (see “Standard & Poor’s To Apply Enterprise Risk Analysis To Corporate Ratings ,” published May 7, 2008, on RatingsDirect). Since the third quarter of last year, our analysts have begun to incorporate specific ERM discussions into their regular meetings with the companies we rate, focusing on risk management culture and strategic risk management as two universally applicable aspects of ERM.

Among other things, we’ve been reviewing risk management structures, the roles of staff responsible for risk management, internal and external communication, and risk management policies and metrics. Our analysts have explored managements’ views of the most consequential risks that their firms face, their likelihood of occurring, how these top risks are identified, monitored, and updated, and the influence of risk sensitivity on liability management and financing decisions.

The complete Progress Report is available erm-update-22-jul-09.