On the Need for Rethinking Current Practice that Highlights Goal Achievement Risk in an Enterprise Context.

This article addresses the issue of how performance and risk management can complement each other in order to enhance the management of an enterprise. Often, we see that risk management focuses on goal achievements and not the enterprise risk related to its activities in the value chain. The statement "no goal, no risk" is a common misconception. The main aim of the article is to present a normative model for describing the links between performance and risk, and to use this model to give recommendations on how to best structure and plan the management of an enterprise in situations involving risk and uncertainties. The model, which has several novel features, is based on the interaction between different types of risk management (enterprise risk management, task risk management, and personal risk management) and a structure where the enterprise risk management overrules both the task and personal risk management. To illustrate the model we use the metaphor of a ship, where the ship is loaded with cash-generating activities and has a direction over time determined by the overall strategic objectives. Compared to the current enterprise risk management practice, the model and related analysis are founded on a new perspective on risk, highlighting knowledge and uncertainties beyond probabilities.