Future-Ready Sales Governance: A Scalable ERM Framework for Risk-Value Co-Management in Global Retail

Jing Yang

doi:10.70393/616a736d.333331

Authors

Jing Yang Purdue University

DOI:

https://doi.org/10.70393/616a736d.333331

ARK:

https://n2t.net/ark:/40704/AJSM.v3n6a02

Disciplines:

Management

Subjects:

Operations Management

References:

16

Keywords:

Sales Compliance Governance, Policy Automation, Risk-Performance Alignment

Abstract

This study proposes a future-ready sales-governance framework, grounded in COSO-ERM, to address the dual challenge of compliance and value creation in the global retail sector. The framework integrates three components—the Three Lines model (3LOD), a Policy-as-Code digital control library, and a KRI × KPI dual-metric system—to embed risk management within pricing, promotion, channel, and third-party processes. Using Walmart as the primary empirical case, we implement a mixed-methods evaluation that combines descriptive reconstruction, pre- and post-comparative analysis, and longitudinal trends based on public disclosures, regulatory materials, and industry benchmarks. We analyze monthly incident-to-resolution time (IRT) as the primary efficiency outcome, reporting period means with 95% confidence intervals. Metric definitions and data sources are detailed in Table 1, and annual aggregates are presented in Table 2. Results indicate materially improved compliance efficiency and more stable commercial outcomes consistent with ERM maturation and policy-as-code coverage. Overall, ERM-driven sales governance enables a shift from reactive compliance to proactive risk–value co-management, enhancing organizational resilience and supporting sustainable growth in increasingly regulated markets.

Downloads

Download data is not yet available.

Metrics

Metrics Loading ...

Author Biography

Jing Yang, Purdue University

School of Business, Purdue University, Indiana, USA, 47907.

References

[1] Simpson, E. M., & Thorpe, D. I. (1995). A conceptual model of strategic considerations for international retail expansion. Service Industries Journal, 15(4), 16-24.

[2] Wolak, R., Kalafatis, S., & Harris, P. (1998). An investigation into four characteristics of services. Journal of Empirical Generalisations in Marketing Science, 3(2).

[3] Mayer, N., Aubert, J., Grandry, E., Feltus, C., Goettelmann, E., & Wieringa, R. (2019). An integrated conceptual model for information system security risk management supported by enterprise architecture management. Software & Systems Modeling, 18(3), 2285-2312.

[4] Sultan, E. W. A. M. (2022). Key performance indicators (KPIs), key result indicator (KRIs) and objectives and key results (OKRs): A new key incorporated results (KIRs) approach. Arabian Journal of Business and Management Review (Kuwait Chapter), 11(4), 147-157.

[5] Van Danh, B., & Anh, N. D. T. N. H. (2016). Proposing appropriate processes for creating KPIs in performance appraisal of Vietnamese companies. Tạp chí Khoa học và Công nghệ-Đại học Đà Nẵng, 6-8.

[6] Eastman, E. M., Ehinger, A. C., & Xu, J. (2024). Enterprise risk management and corporate tax planning. Journal of Risk and Insurance, 91(3), 529-566.

[7] Miller, K. D., & Reuer, J. J. (1998). Firm strategy and economic exposure to foreign exchange rate movements. Journal of International Business Studies, 29(3), 493-513.

[8] Palkovics, L., & Fries, A. (2001). Intelligent electronic systems in commercial vehicles for enhanced traffic safety. Vehicle System Dynamics, 35(4-5), 227-289.

[9] Sollanek, K. J., Staab, J. S., Kenefick, R. W., & Cheuvront, S. N. (2020). Biological variation of arginine vasopressin. European Journal of Applied Physiology, 120(3), 635-642.

[10] Davies, H., & Zhivitskaya, M. (2018). Three lines of defence: a robust organising framework, or just lines in the sand. Global Policy, 9, 34-42.

[11] Mozar, C. A., Ybañez, A. E. B., & Paulino, E. P. (2025). Risk Governance Ecosystem in Information Communications Technology Industry using the Three Lines of Defense (3LOD) Framework Approach in the Philippines. Journal of Business and Management Studies, 7(5), 117-131.

[12] Caracciolo, M. (2023). Policy as Code: How to automate cloud compliance verification with open-source tools (Doctoral dissertation, Politecnico di Torino).

[13] Benade, S. J., & van Waveren, C. C. (2012, July). Project Portfolio Management and Enterprise Resource Management: Merging Technologies? In 2012 Proceedings of PICMET'12: Technology Management for Emerging Technologies (pp. 2395-2404). IEEE.

[14] Agbor, G. (2024). Corporate Criminal Liability in Bribery and Corruption in the United States and the World.

[15] Warczak Jr, P. (2021). The War on Bribes: The FCPA and the Global Battle to End Corruption. Available at SSRN 3828842.

[16] Bahmann, B., & Carbon, C. C. (2025). The Impact of Innovation on Leadership Succession in Family Businesses: A Structured Literature Review [2004-2024]. European Journal of Family Business, 15(1), 1-18.