This latest thought leadership report from the Institute of Risk Management examines how we manage risk in today’s complex organisations, their value chains and networks of relationships – what we call the ’extended enterprise’.

Recent examples of why we should be concerned about this include the scandal in the UK when horsemeat appeared in some beef supply chains; the management by some banks of their outsourced IT providers and the tangle of responsibilities that became evident following the Macondo well disaster in the Gulf of Mexico.

Extended enterprise is about far more than ’supply chain risk management’ (although that is a component): we are looking beyond supply into the complex network of relationships that underpin public and private economic activity in modern economies. We are looking at a world of ’VUCA’ (volatility, uncertainty, complexity and ambiguity) and how risk can be managed in that context. Outsourced services, IT security, supplier assessments, joint ventures and partnerships, alliances and informal arrangements, together with the speed of change can all present challenges. And management of risk in the value chain can only ever be as effective as the management of the weakest link in it. Our study looks at how these issues interact and explores some tools and techniques that can help us understand and address the extended enterprise challenge.

Our executive summary document offers a set of questions that IRM thinks all boards, assisted by their risk professionals, should be asking about risk in their own extended enterprises.

Download the executive summary (free access)

Reflecting IRM’s partnership with ICSA, ICSA members also have access to a comprehensive 'Resources for Practitioners' document, prepared for IRM members. This provides more detailed insights into many of the topics covered in the executive summary

Access the 'IRM Resources for Practitioners' below

Log in to access resource