ERM stands for Enterprise Risk Management, which is a framework for managing organizational risk. It is a top-down strategy that aims to identify, assess, and prepare for potential losses, dangers, hazards, and other potentials for harm that may interfere with an organizations operations and objectives and/or lead to losses. ERM can be described as a risk-based approach to managing an enterprise, integrating concepts of internal control, data protection, and strategic planning. The objective of ERM is to develop a holistic, portfolio view of the most significant risks to the achievement of the entitys most important objectives. ERM is evolving to address the needs of various stakeholders, who want to understand the broad spectrum of risks facing complex organizations to ensure they are appropriately managed. An effective ERM process should be an important strategic tool for leaders of the business, and insights about risks emerging from the ERM process should be an important input to the organization’s strategic plan. ERM is important because it helps prevent losses or unexpected negative outcomes, and it helps a company set the plans in place to strategically approach risk and garner employee buy-in.