Skip Navigation Links.
Collapse IRMI OnlineIRMI Online
Expand How To Use IRMI OnlineHow To Use IRMI Online
My Paid Publications
Expand What's NewWhat's New
Expand DashboardsDashboards
Expand Commercial Liability InformationCommercial Liability Information
Expand Commercial Property InformationCommercial Property Information
Expand Commercial Auto InformationCommercial Auto Information
Expand D&O, PL, E&O, EPLI InformationD&O, PL, E&O, EPLI Information
Expand Workers Compensation InformationWorkers Compensation Information
Classifications and Cross-References
Collapse Risk Mgt. and Multiline InformationRisk Mgt. and Multiline Information
Expand Risk Management -- Why and HowRisk Management -- Why and How
Collapse Free Risk Management and Multiline CommentaryFree Risk Management and Multiline Commentary
Expand Brand Equity and Product RecallBrand Equity and Product Recall
Expand Catastrophe Risk ManagementCatastrophe Risk Management
Expand Corporate AviationCorporate Aviation
Expand Corporate Fraud PreventionCorporate Fraud Prevention
Expand Cyber and Privacy Risk and InsuranceCyber and Privacy Risk and Insurance
Expand Drafting and Interpreting Insurance PoliciesDrafting and Interpreting Insurance Policies
Collapse Enterprise Risk ManagementEnterprise Risk Management
Add Spreadsheets to Your Risk Inventory (July 2009)
The Role of the CIO in the Risk Intelligent Enterprise (February 2009)
Where Was Enterprise Risk Management? (November 2008)
Critical Role for the Chief Audit Executive: Aligning Risk Assessment (October 2008)
Chief Audit Executives and Risk Management Silos (March 2008)
Risk Management's Chief Audit Executive (December 2007)
Prescribing Risk Intelligence for the Life Sciences Sector (December 2007)
Enterprise Risk Management in Uncertain Times (October 2007)
Taking Risks To Create Value—It's What Capitalism's All About! (September 2007)
Risk Management Practices Cannot Be "Bolted On" (July 2007)
When Risks Marry and Multiply (June 2007)
Balancing Risk Probability and Vulnerability (May 2007)
Addressing the Full Spectrum of Risks (May 2007)
Bridging the "Silos" (April 2007)
Traditional Risk Management Inadequate To Deal with Today's Threats (March 2007)
The Alchemy of Enterprise Risk Management: Examples from the Investment World (December 2003)
Practical ERM Applications: Risk Integration (September 2003)
Implementing Enterprise Risk Management: Getting the Fundamentals Right (June 2003)
ERM Lessons Across Industries (March 2003)
Practical ERM Applications: Capital Allocation (November 2002)
Practical ERM Applications: Assessing Capital Adequacy (September 2002)
The Language of Enterprise Risk Management: A Practical Glossary and Discussion of Relevant Terms, Concepts, Models, and Measures (May 2002)
Implementing Enterprise Risk Management: The Emerging Role of the Chief Risk Officer (January 2002)
ERM and September 11 (November 2001)
Modeling the Reality of Risk: The Cornerstone of Enterprise Risk Management (July 2001)
Enterprise Risk Management in the Financial Services Industry: From Concept to Management Process (November 2000)
Enterprise Risk Management in the Financial Services Industry: Still a Long Way To Go (August 2000)
Enterprise Risk Management: What's Beyond the Talk? (May 2000)
Expand Internal ControlsInternal Controls
Expand NanotechnologyNanotechnology
Expand Political RiskPolitical Risk
Expand Risk Management: A Systemic ApproachRisk Management: A Systemic Approach
Expand Risk Management TechnologyRisk Management Technology
Expand SecuritySecurity
Expand Terrorism Risk Management & InsuranceTerrorism Risk Management & Insurance
Expand IRMI InsightsIRMI Insights
Expand IRMI Update Newsletter ArchivesIRMI Update Newsletter Archives
Expand Risk Finance InformationRisk Finance Information
Expand Construction InformationConstruction Information
Expand Personal Lines InformationPersonal Lines Information
Expand Claims, Caselaw, LegalClaims, Caselaw, Legal
Expand Insurance IndustryInsurance Industry
Expand Glossary of Insurance & Risk Management TermsGlossary of Insurance & Risk Management Terms
Expand SearchSearch
Terms of Use
Privacy Statement
System Requirements

Practical ERM Applications: Risk Integration

September 2003

This enterprise risk management column explains how to model the integration of risks from various sources, describing the process using the insurance industry as an example. The most critical step in integrating risks of disparate types, and from various sources, is to express each risk in terms of its potential impact on the key performance indicators (KPIs) used to manage the organization. Once built, the structural financial model can be used to create a probability distribution of KPI outcomes by means of simulation.

by Jerry Miccolis
Brinton Eaton Associates, Inc.

Earlier articles in this series have treated certain "Practical ERM Applications," specifically, Assessing Capital Adequacy (September 2002) and Capital Allocation (November 2002). This article describes an application that logically precedes those two in the overall enterprise risk management (ERM) process, i.e., how to model the integration of risks from various sources.

Consistent with previous articles, and to keep the discussion grounded in practical reality, we will describe the process in terms of an example that is specific to a certain industry, namely, the insurance industry.


Our discussion of the risk integration stage of the ERM process assumes that individual risk factors already will have been identified and prioritized through an enterprise risk assessment exercise. It also assumes that probability distributions for certain risk factors will have been determined. It is not assumed that probability distributions will have been determined around all risk factors, only those that have been determined to be (1) high priority and (2) of specific relevance to the question under study, e.g., capital management.

For capital management purposes, one would expect to have probability distributions around such risk factors as claim cost trends, natural catastrophe frequency and severity, asset values, and investment returns, for example.

A discussion of both the risk assessment exercise and the determination of probability distributions can be found in the Tillinghast-Towers Perrin monograph, RiskValueInsights: Creating Value Through Enterprise Risk Management.

Key Performance Indicators and Structural Financial Models

Perhaps the most critical step in integrating risks of disparate types, and from various sources, is to express each risk in terms of its potential impact (favorable or unfavorable) on the key performance indicators (KPIs) used to manage the organization. For any given organization, these KPIs may be one or more of such measures as revenue growth, earnings growth, earnings per share, growth in surplus, growth in embedded value, customer satisfaction, and brand image, for example.

For publicly traded companies, the KPIs are often explicitly or implicitly defined by the market (i.e., they are the measures focused upon by the organization's stock analysts). Ideally, the prioritization of risks that emerge from the organization's enterprise risk assessment exercise will have been done in terms of each risk's impact on these KPIs.

Most organizations will have at least a simple financial model of their operations that describe how various inputs (i.e., risk factors, conditions, strategies, and tactics) will impact their KPIs. These models are often used in developing strategic and operational plans. For example, insurance companies typically make assumptions regarding future trends in claim costs by business segment (e.g., by line of business, by region), which are used to determine needed rate levels by segment. These rate level projections are then combined with assumptions on volume growth and other relevant inputs to derive a pro forma estimate of overall corporate earnings (or some other KPI).

Often, business decisions (e.g., rate level, volume growth) are fine-tuned to produce the desired expected KPI result. Because these models explicitly capture the structure of the cause-and-effect relationships linking inputs to outcomes, they are termed structural (or causal) financial models.

While some organizations develop more sophisticated structural financial models than others, these models represent an excellent tool for integrating individual risk factors. We will return to this idea momentarily.

Stochastic Models

The structural financial models described above are generally deterministic models, i.e., they describe expected outcomes from a given set of inputs without regard to the probabilities of outcomes above or below the expected values. These models can be transformed into stochastic (or probabilistic) models by treating certain inputs as variable. For example, an expected future claim cost trend might be an input to a deterministic model of corporate earnings; recognizing that there is uncertainty in this trend, a probability distribution around the expected trend would be an input to a stochastic model. The model output (corporate earnings, in this case) would then also be a probability distribution.

Risk Correlations

Some of the variable inputs may be correlated with one another. For example, economic inflation (a driver of claim cost trends across multiple lines of business) is highly correlated with interest rates (a driver of asset values and investment returns). It is important to capture these correlationsâ€"indeed, this is the essence of ERM. A structural financial model of the enterprise is a practical way to do this.

In essence, a structural financial model allows one to capture the correlations among variable inputs in a simple, accurate, and logically consistent way by virtue of the model's cause-and-effect linkages of these inputs to common higher-level inputs. How this works can be seen in the sidebar examples given in Chapter V of RiskValueInsights: Creating Value Through Enterprise Risk Management. To the extent that certain inputs are not related to a common higher-level input, yet one believes that correlation exists between them, these correlations can be stated explicitly in terms of a covariance matrix, whose values can be determined through data analysis and/or expert opinion.

Structural Simulation Models

Once built, the structural financial model can be used to create a probability distribution of KPI outcomes by means of simulation. Such a model is termed a structural simulation model. A class of structural simulation models specific to the property/casualty insurance sector are termed Dynamic Financial Analysis (DFA) models. The KPI distributions that result from a structural simulation model can then be used for a number of purposes, including strategy optimization and capital management; the latter was described in the earlier two "Practical ERM Applications" articles cited above.

The marginal contribution of each individual risk factor to the overall risk profile of the organization can be determined by "turning off" that risk factor (i.e., by changing that particular input from stochastic to deterministic) and examining the impact on the KPI probability distribution. This technique provides a straightforward way of isolating the impact of a particular risk factor (such as natural catastrophes) on overall capital adequacy, for example. In this way, the prioritization of risk factors, which is typically done by informed judgment in the risk assessment step, can be more rigorously validated.

The Statistical Analytic Approach

It should be noted that an alternative to the structural simulation approach is the statistical analytic approach. Statistical analytic approaches make a number of simplifying, often restrictive, assumptions that allow the user to generate results quickly by solving equations "in closed form", i.e., without the need for simulations. These models therefore generally sacrifice structure and realism for speed and simplicity. They also are designed around a getting an answer to a specific narrowly defined question and thus lack the flexibility and robustness of structural simulation models.

Moreover, statistical analytic models also require that the correlations between all risk factors be explicitly stated in a covariance matrix, without regard to cause-and-effect relationships; spurious results are therefore more likely. Statistical analytic models are more prevalent and relevant in the banking sector than in the insurance sector; in the banking sector, risks are more "symmetric" and well-behaved, and speed of calculation is more critical. Within the insurance sector, statistical analytic models are more appropriate for industry oversight bodies than for individual companies; they can generally be run using publicly available data.

A fuller comparison of these two approaches is contained in an earlier article in this series, The Language of Enterprise Risk Management: A Practical Glossary and Discussion of Relevant Terms, Concepts, Models, and Measures (May 2002).

Opinions expressed in Expert Commentary articles are those of the author and are not necessarily held by the author's employer or IRMI. Expert Commentary articles and other IRMI Online content do not purport to provide legal, accounting, or other professional advice or opinion. If such advice is needed, consult with your attorney, accountant, or other qualified adviser.

© 2000-2015 International Risk Management Institute, Inc. (IRMI). All rights reserved.