International ERM Glossary

The International ERM Glossary is intended to provide users with a set of definitions that are in common usage around the world by actuaries, regulators and members of the insurance industry. The purpose in developing the glossary is to help provide a common understanding of the terms currently in use, as definitions and meanings have varied over time, and among practitioners. It can also be used as a training and educational tool for regulators.

The glossary can be consulted per letter, organization or grouping.

DISCLAIMER: The content of the International ERM Glossary has been compiled by the Joint ORSA Subcommittee of the Insurance Regulation Committee and the Enterprise and Financial Risk Committee of the IAA. This information has been collated and presented for educational and informational purposes to the members of the IAA and interested parties. The IAA assumes no responsibility for the accuracy, completeness, currency, reliability of the information in the International ERM Glossary or access to any information contained on any of the sources cited in the Glossary. The IAA, its employees and officers shall not be liable for any loss or damage, direct or indirect, which may arise or occur as a result of the use of or reliance upon any of the material in the International ERM Glossary.


TermGroupingOrganization or Jurisdiction Defining TermSource of DefinitionDefinition
Enterprise Risk ManagementGeneralCOSOCOSOThe culture, capabilities, and practices, integrated with strategy-setting and its execution, that organizations rely on to manage risk in creating, preserving, and realizing value.E
Framework (ERM Framework)GeneralCOSOCOSOThe five components consisting of (1) Risk Governance and Culture; (2) Risk, Strategy, and Objective-Setting; (3) Risk in Execution; (4) Risk Information, Communication, and Reporting; and (5) Monitoring Enterprise Risk Management Performance.F
Reverse Stress TestingMethodsCOSOCOSOThe possibility that events will occur and affect the achievement of strategy and business objectivesR
RiskRisk CategoriesCOSOCOSOThe possibility that events will occur and affect the achievement of strategy and business objectivesR
Risk AppetiteGeneralCOSOCOSOThe types and amount of risk, on a broad level, an organization is willing to accept in pursuit of value.R
Risk LimitGeneralCOSOCOSOThe maximum amount of risk that an entity is able to absorb in the pursuit of strategy and business objectives.R
Risk ProfileGeneralCOSOCOSOA composite view of the risk assumed at a particular level of the entity, or aspect of the business model that positions management to consider the types, severity, and interdependencies of risks, and how they may affect performance relative to its strategy and business objectives.R