How pharmaceutical companies successfully implements an Enterprise Risk Management (ERM) programme, to identify and manage potential risks, can mean the difference between financial freedom and financial despair. The Committee of Sponsoring Organization (COSO) guidelines, a voluntary private sector organization in the United State, has developed internal control guidelines to provide guidance to executive management and governance entities on critical aspects of organizational governance, business ethnic, internal control, fraud and financial reporting. This chapter will discuss an approach to build an ERM implementation  plan within Fidson Healthcare Limited, by outlining the responsibilities and influence of industry participants, sales forces, middle- management and senior leadership and the ways in which they focus on monitoring and developing the risk mitigation process. The influences of technologies are integrated and new directions, such as e-mails and e-detailing. Thus, in order to mitigate business risk, some companies use Enterprise Risk Management concept (ERM, developed by COSO) to establish an effective corporate management system. The researcher is thus, quickening to use this piece of study to evaluate the need of ERM in Fidson Healthcare Limited. Data were sourced from the primary and secondary sources of data, using words by other authors and information gathered from the oral interview carried out on the respondent. Hypothesis was formulated and tested using Chi- square method. Finally, it was discovered that there is need for Enterprise Risk Management tools Pharmaceutical Companies (Fidson Healthcare Limited), for them to achieve their business objectives and for effectiveness in running of their businesses.




In the business world, every individual and businesses are exposed to risk. For any business to exist and survive, the business has to go through some challenges of risk. Risks are in existence simply because entities, companies and organizations have ‘assets’ of a material or immaterial nature that could be subject to physical harm that has consequences on the known entity (Andy Osborne 2012- Risk Management made easy).

In Risk management, there is no formal definition of. Risk has been defined by different scholars based on their level of understanding. One of such definition of risk is “Risk implies exposure to uncertainty or threat (Kannan and Thangavard, 2008) and “a decision to do nothing to explicitly avoid the opportunities that exists and leaving threats unmanaged.”(Webster, 2007). Also, Risk can be defined as the combination of the probability of an event and its consequences (ISO/IEC Guide 73).

Risk management therefore, is a proactive approach to reduce threats, increase opportunities, and optimize achievements of objectives (Pearce and Robinson, 2000, Webster, 2004,’ Gray and Larson, 2006.’Rejda, 2001). Also, Andy Osborne 2012 says risk management is a structured and coherent approach to identify, analyze and manage risks that affects the strategy, process, people and technologies.

“Prior the emergence of ERM, organizations used to handle their risk individually and independently, using the traditional ways of risk managements of”:

·        Identification

·        Evaluation

·        Control

As time goes on, companies now realized that it would favour them more to treat their risks as a whole (portfolio), as would surely reduce its costs and expenditure incurred in managing risk. And that was how ERM came into existence in 2004 Olaf Passenheim, 2011).

ERM is a holistic way of treating risk in an organization, Olaf Passenheim-2011). ERM is a risk cover that takes into considerations, all types of risks faced by an organization, such as – Strategic, Financial, Operation and Hazard risks. These frameworks are the ways ERM can be effected by an organization (Olaf Passenheim- 2011).

ERM is usually decided and effected by senior managers of an organization, and after the decision is taken, it passes on to other personnel of the organization, until it gets to the lowest rank of the organization. This is because; everyone has to have knowledge of the way risk is being managed in their organization.

In the corporate environment, COSO (2004) also says Enterprise risk management is the best tool to be used in combating all risk available and causing damages to the industry; using its frameworks guide of:

Strategic Risk

 Operational Risk

 Financial/Reporting Risk

Hazard/Compliance Risk

Enterprise risk management is a procedure to minimize the adverse effects of a possible financial loss by:

 Identifying potential sources of loss

Measuring the financial consequences of a loss occurring.

 Using controls to minimize actual losses or their financial consequences (Olaf Passenheim-2011).

A closer look on Enterprise risk management in pharmaceutical company reveals that in Fidson Healthcare limited, that there are lots of risks that need proper management. Some of the risks are IT risk, financial reporting risks, environmental or legal risks, production risk and administrative risk. With the situation of all risk exposures in the industry, the industry needs to set goals of risk management which are to protect the industry against downside risks, to manage volatility around business and financial results of the industry and to optimize risk and returns of Fidson Healthcare Limited.