Enterprise Risk Management (ERM) aims to help organizations better monitor, analyze, and control their risks and policymakers to focus on procedures to improve organization and risk governance. Over the years, several artifacts have been proposed in this area to address different goals in ERM. The main objective of this article is to provide an overview of the literature related to the areas of ERM and Information Systems in order to understand how traditional risk governance adapts to the new digital reality of organizations. To better structure the results obtained, the articles were divided into three distinct categories: articles that offer guidelines for ERM management, articles that propose ways to measure the maturity of organizations in ERM, and articles that propose methods to increase an organization's maturity in ERM.
Fernandes, Andre D.; Ramalho, Daniel; and Mira da Silva, Miguel, "Enterprise Risk Management and Information Systems: a Systematic Literature Review" (2022). CONF-IRM 2022 Proceedings. 11.