Enterprise risk management, internal controls, organizational model, efficiency, key performance indicators


This article represents a theoretical background to a practical model of risk management and internal control systems integration within corporate governance structure. The provided model reduces the risk of duplicate management functions, minimizes bureaucracy and costs intensity of processes, motivates management to obtain results and covers all levels of company management. The ability to evaluate the management processes efficiency in relation to the main objectives of the company as well as the opportunity to control the management process at each level are distinctive features of the model.



            The model is based on the integration of the functions of the two most common models in practice: 3 LoD and functional model of risk management. Evaluating the effectiveness of management functions is achieved by the introduction of the key management performance indicators, and the accuracy of the base for the calculation of KPIs - by Behnisch M-score.



The introduction of risk management and internal control procedures are in themselves a sign of the maturity of the management company and an indicator of the potential investment appeal.

Compliance with all of the recommendations in relation to internal control and risk management is not appropriate and is destroying the value of small and medium-sized businesses.

Most of the processes of risk management and internal control systems are duplicative, but targeted at different results depending on the management objective.

Application of KPIs is expedient at evaluating the effectiveness of the organizational model of risk management and internal control, and choice of KPIs and their distribution depends on the risk owners in the model.

Application of Behnisch M-score increases business transparency and stakeholder confidence in the results.

Case study, presented in the article, fully reflects the purpose of research and demonstrates that management results are quite different among similar in size, type and market conditions companies: the poor organization of internal control and attempts to manipulate reporting, provokes negative trend - the company's value starts falling, despite the fact that the purpose of manipulation was to increase the investment attractiveness.



            None of the presented in prior research studies was not aimed on integration of management and control functions within a single model, and, moreover, was not aimed to use the accounting approach for evaluating the effectiveness of management functions. Nevertheless, the possibility of manipulating the statements are quite broad and do not always include illegal methods. In this regard it is necessary to consider the relevance of the data in the evaluation of the effectiveness of the company's management model.

Full Text : PDF

  1. Miller D., Friesen P.H. (1984). A longitudinal study of the corporate life cycle// - Management Science. - 30 (10), pp. 1161–1183.
  2. Andersen T.J. Effective risk management outcomes: Exploring effects of innovation and capital structure//Journal of Strategy and Management, -2009, -2(4), pp. 352-379.
  3. Damodaran A.(2007). Return on Capital (ROC), Return on Invested Capital (ROIC) and Return on Equity (ROE)//Measurement and Implications. pp. 5-7.
  4. Slywotzky, Adrian J., Drzik J.(2005). Countering the Biggest Risk of All//Harvard Business Review/ Harvard Business School Publishing. Apr. P. 78–88.
  5. COSO ERM – Integrated Framework (2011), URL (Date of retrieve: 12.08.2014)
  6. Beasley M., Pagach D., Warr R., Information conveyed in hiring announcements of senior executives overseeing enterprise-wide risk management processes// Journal of Accounting Auditing and Finance,- 2008, - 23, pp. 311.
  7. Skobeleva I.P., Sanzhiyeva T.V. (2014) Adaptatsiya risk-menedzhmenta k sovremennym kontseptsiyam strategicheskogo upravleniya kompaniyey // Sovremennyye aspekty ekonomiki. № 4 (188). SPb.: «Info-da», 2013.- s.50-55.[Russian]
  8. Badalova A.G.(2006) Upravleniye riskami proizvodstvennykh sistem: teoriya, metodolo-giya, mekhanizmy realizatsii. Monografiya. – M.: «Stankin», «YANUS-K»[Russian]
  9. Mamedova A. (2012) Risk menedzhment v internet kompanii. URL: 
  10. <> (Date of retrieve: 12.08.2014)
  11.  [Russian]
  12. Minsky S.(2012)How to Measure your Enterprise Risk Management Effectiveness, URL: 
  13.>(Date of retrieve:05.03.2014).[Russian]
  14. Basova M., Michelsky A.(2011) Risk Management KPIs: Efficiency Tool or Formality? 2011, URL 
  15. <>. (Date of retrieve: 10.07.2014)
  16. Carol T., Webb M. (2001). The Risk Factor: How to Make Risk Management Work for you in Strategic Planning and Enterprise/- Harrogate, UK: Take this Books. 
  17. Shimko D. and others. (2013) Approaches to Enterprise Risk Management /QFINANCE Key Concepts. pp. 260.
  18. Korniyenko O.YU., Makarova V.A. (2015) Aktual'nyye voprosy otsenki effektivnosti korporativnogo risk menedzhmenta: Monografiya /Izd-vo Politekh. Uniyersiteta, Sankt-Peterburg, 264 pp. [Russian]
  19. Kamar, E., Karaca-Mandic P., Talley E. (2008). Going Private Decisions and the Sarbanes-Oxley Act of 2002: A Cross-Country Analysis, WR-300-2-EMKF.
  20. Makarova V.A. (2014).The analysis and estimation of economic efficiency of risk management. Effective crisis management. 2015;(3):72-83. 
  21. Hoyt R., Liebenberg A. (2006). The value of enterprise risk management: Evidence from the U.S. insurance industry//University of Georgia. Working paper.
  22. Smithson C., Simkins B. (2005) Does Risk Management Add Value? A Survey of the Evidence//Journal of Applied Corporate Finance.— №17 — pp. 8-17.
  23. Beasley M., Pagach D., Warr R.,(2008). Information conveyed in hiring announcements of senior executives overseeing enterprise-wide risk management processes// Journal of Accounting Auditing and Finance, - 23, pp. 311.
  24. Aabo T., Fraser J., Simkins B. (2005) The Rise and Evolution of the Chief Risk Officer: Enterprise Risk Management at Hydro One.Journal of Applied Corporate Finance— №17 — pp. 62-75. 
  25. Makarova V. A. (2015) Effektivnost' risk-menedzhmenta: otsenka i yeye vliyaniye na inve-stitsionnuyu privlekatel'nost' biznesa // Upravleniye finansovymi riskami. № 04(44). s. 270-287. [Russian]
  26. Bychkova, S.M; Itygilova, Ye.YU.(2010) Riski iskazheniya uchetnoy informatsii: vyyavle-niye v protsesse audita// Auditorskiye vedomosti, 2010, №12. URL: (Date of retrieve: 20.02.2014) [Russian]
  27. Cherkasova, Ye.V; Istomin, V.S. Manipulirovaniye finansovoy otchotnost'yu. URL: 
  28. (Date of retrieve: 22.02.2014) [Russian]
  29. Vakhrushina, M.A. K voprosu o transparentnosti finansovoy otchotnosti. URL: 
  30. of retrieve 20.02.2014) [Russian]
  31. Rogov M. (2012) «Zolotoy standart» risk-menedzhmenta//Depozitarium. № 9. URL:
  32. (Date of retrieve: 20.02.2014) [Russian]
  33. Klochkov A.K. (2010). KPI i motivatsiya personala. Polnyy sbornik prakticheskikh instrumentov/ Eksmo; Moskva; 103 s.[Russian]
  34. Gates, Susan M. Kristin J. Leuschner (2007) Do Benefits of Sarbanes-Oxley Justify the Costs? Empirical Evidence in the Case of Small Firms. Santa Monica, CA: RAND Corporation, 
  35. Olesiński B., Opala P., Rozkrut M., Torój A. (2014) Short-termism in business:  causes, mechanisms and consequences, E&Y, URL 
  36. (Date of retrieve: 31.01.2017)