Skip to main content

Development of an Enterprise Risk Management (ERM) Evaluation Toolbox

Establishing the current status and future direction of an organization’s enterprise risk management (ERM) practice requires an ability to benchmark the existing level of performance, prioritize where risk management actions are warranted, and implement cost-effective risk mitigation strategies that are practical and achievable. This involves the following process steps: 1) risk identification, 2) scenario development, 3) estimation of scenario likelihood and consequence, 4) selection of risk priorities, and 5) development and evaluation of candidate mitigation strategies.

In response to this need, Vanderbilt researchers developed an ERM methodology that addresses the aforementioned process steps, which was subsequently demonstrated in a pilot application involving a major freight transportation carrier. This led to a follow-on research activity designed to automate the methodology such that the ERM decision-support tool could be accessed by a broader set of transportation stakeholders who could benefit from its availability.

The product of this effort is a web-based application, called RiskCatcher, structured in a user-friendly, menu-driven format, with modules that mirror the previously-described process steps. It operates much in the same way as TurboTax®, in that users select relevant risk categories, following which they are presented with selections within each category that are chosen to describe scenarios and corresponding scenario likelihoods and consequences. RiskCatcher can be used to perform both quantitative and qualitative risk analyses. Results are portrayed in graphic and tabular form, and may be exported to other software applications. The program also includes a library where relevant information can be sourced for use as default values to support various scenario evaluations.

RiskCatcher can be accessed through the following url:

This decision-support tool offers the potential for organizations in the freight transportation industry and other sectors to implement enterprise risk management as a core business practice. RiskCatcher can improve the organization’s ability to identify priority risks and select appropriate management control strategies for mitigating those risks. Ultimately, this can enable an organization to operate with less vulnerability and greater resilience in dealing with the risks that threaten its well-being.