Guidance on Enterprise Risk Management

 

Enterprise Risk Management — Integrated Framework (2004)

In response to a need for principles-based guidance to help entities design and implement effective enterprise-wide approaches to risk management, COSO issued the Enterprise Risk Management – Integrated Framework in 2004. This framework defines essential enterprise risk management components, discusses key ERM principles and concepts, suggests a common ERM language, and provides clear direction and guidance for enterprise risk management. The guidance introduces an enterprise-wide approach to risk management as well as concepts such as risk appetite, risk tolerance, and portfolio view. This framework is now being used by organizations around the world to design and implement effective ERM processes. Available for purchase in the AICPA Store.


ERM Thought Papers


ERM Risk Assessment in Practice
This thought paper provides leadership thinking on risk assessment approaches and techniques that have emerged as the most useful and sustainable for decision-making. It represents another in a series of papers published by COSO aimed at helping organizations move up the maturity curve in their ongoing development of a robust ERM program.


Enterprise Risk Management for Cloud Computing
This thought paper is published in response to the growing number of organizations utilizing cloud computing as a viable alternative for meeting their technology needs. The thought paper provides guidance on following the principles of the COSO Enterprise Risk Management (ERM) Integrated Framework to assess and mitigate the risks arising from cloud computing.  

Enhancing Board Oversight: Avoiding and Challenging Traps and Biases in Professional Judgment
This thought paper details a five-step judgment process that board members and others can use to overcome common pitfalls and mitigate the effects of judgment bias. The judgment process is based on KPMG’s Professional Judgment Framework, which enables individuals to identify where and when the quality of judgments tends to be threatened by predictable, systematic judgment traps and biases.

Enterprise Risk Management – Understanding and Communicating Risk Appetite
Organizations encounter risk every day as they pursue their objectives. Risk appetite — the amount of risk organizations are willing to accept in pursuit of their objectives — is an integral part of an effective ERM system. This thought paper aims to help organizations develop, better articulate, and implement “risk appetite.” It provides examples of statements of risk appetite and emphasizes the notion that risk appetite should be clearly defined, communicated by management, embraced by the board, and continually monitored and updated.

 

Embracing Enterprise Risk Management: Practical Approaches for Getting Started
This paper is intended to help organizations start down the path toward improving risk management. This thought paper describes how an organization can start to move from informal risk management to ERM. Moreover, it discusses the increasing importance of and focus on ERM and the need for all types of organizations to understand and embrace ERM. The paper also examines perceived barriers to starting ERM and working through those barriers.



Developing Key Risk Indicators to Strengthen Enterprise Risk Management

This paper is directed towards managers. It provides practical examples to help executives develop effective key risk indicators to heighten board and management enterprise risk awareness in order to increase the effectiveness of an ERM process and improve the execution of an organization’s strategy.


 

Board Risk Oversight – A Progress Report: Where Boards of Directors Currently Stand in Executing their Risk Oversight Responsibilities
This report is based on a survey that sought input directly from over 200 corporate directors to obtain deeper knowledge of the current state and desired future state of the risk oversight process as it is applied by boards of directors.


COSO’s 2010 Report on ERM: Current State of Enterprise Risk Oversight and Market Perceptions of COSO’s ERM Framework
This report is based on a survey launched to obtain information from corporate management about the current state of their risk oversight processes and feedback about COSO’s 2004 Enterprise Risk Management – Integrated Framework.

Strengthening Enterprise Risk Management for Strategic Advantage
This document is a helpful resource for articulating the strategic value of effective ERM. The publication further develops the responsibilities of the board of directors presented in the first thought paper on ERM. This paper highlights key elements of ERM for board and senior executive consideration as they re-examine their existing approaches to risk oversight. The paper also provides a list of four specific areas where senior management can work with its board to enhance the board’s risk oversight capabilities.

Effective Enterprise Risk Oversight: The Role of the Board of Directors
The paper emphasizes the role of the directors with regard to ERM. It lays out four core responsibilities of boards in the oversight of management’s risk processes and top risk exposures arising out of those processes.
