Enterprise Risk Management Info

Looking to implement ERM more formally, and wondering what others have in place for department structure, reporting, etc. Looking for the following information:

• Asset Size?
• Title of person responsible for ERM?
• Other than ERM, what else falls under that area (compliance, legal, vendor management, business coninuity, etc.)?
• If Internal Audit reports up through the head of ERM, how do you maintain independence? Who reports IA activity to Supervisory Committee?
• Where does the ERM department ultimately report?
• How many people work on ERM specifically/dept size?

THANK YOU!