Integration of enterprise risk management and management control system: Based on a case study

Ilhang Shin, Sorah Park

Research output: Contribution to journalArticlepeer-review

8 Scopus citations


This paper aims to discuss the concepts and methodological issues of enterprise risk management (ERM). The case study of company A shows that ERM has been implemented and integrated with management control as a means of monitoring its subsidiaries. First, ERM system was implemented through comprehensive review of corporate risk policies, risk management processes, roles and responsibilities, and risk culture. Second, company A integrated ERM with the existing management control system in order to evaluate the risk underlying the current management activities. Finally, ERM implementation was expanded to all subsidiaries so that each business unit would be delegated for its own risk management. This paper provides insight on the process how group-level internal auditors can use ERM as a tool to manage risk of subsidiaries, thereby filling the gap between academic research and practice. This successful ERM adoption case can be used as a guideline for other organizations, which plan to adopt ERM with reduced costs and improved processes.

Original languageEnglish
Pages (from-to)19-26
Number of pages8
JournalInvestment Management and Financial Innovations
Issue number1
StatePublished - Mar 2017

Bibliographical note

Publisher Copyright:
© Ilhang Shin, Sorah Park, 2017.


  • Enterprise risk management (ERM)
  • Internal audit
  • Management control system
  • Risk management


Dive into the research topics of 'Integration of enterprise risk management and management control system: Based on a case study'. Together they form a unique fingerprint.

Cite this