Enterprise Risk Management - Integrated Framework
Pages: 246
Year: 2008
Language: English
File Size: 3.93 MB

Committee of Sponsoring Organizations of the Treadway Commission (COSO)

Oversight: Representative
COSO Chair: John J. Flaherty
American Accounting Association: Larry E. Rittenberg
American Institute of Certified Public Accountants: Alan W. Anderson
Financial Executives International: John P. Jessup; Nicholas S. Cyprus
Institute of Management Accountants: Frank C. Minter; Dennis L. Neider
The Institute of Internal Auditors: William G. Bishop, III; David A. Richards

Project Advisory Council to COSO

Guidance
Tony Maki, Chair, Partner, Moss Adams LLP
James W. DeLoach, Managing Director, Protiviti Inc.
John P. Jessup, Vice President and Treasurer, E. I. duPont de Nemours and Company
Mark S. Beasley, Professor, North Carolina State University
Andrew J. Jackson, Senior Vice President of Enterprise Risk Assurance Services, American Express Company
Tony M. Knapp, Senior Vice President and Controller, Motorola, Inc.
Jerry W. DeFoor, Vice President and Controller, Protective Life Corporation
Steven E. Jameson, Executive Vice President, Chief Internal Audit & Risk Officer, Community Trust Bancorp, Inc.
Douglas F. Prawitt, Professor, Brigham Young University

PricewaterhouseCoopers LLP

Author

Principal Contributors
Richard M. Steinberg, Former Partner and Corporate Governance Leader (Presently Steinberg Governance Advisors)
Miles E.A. Everson, Partner and Financial Services Finance, Operations, Risk and Compliance Leader, New York
Frank J. Martens, Senior Manager, Client Services, Vancouver, Canada
Lucy E. Nottingham, Manager, Internal Firm Services, Boston


FOREWORD

Over a decade ago, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued Internal Control - Integrated Framework to help businesses and other entities assess and enhance their internal control systems. That framework has since been incorporated into policy, rule, and regulation, and used by thousands of enterprises to better control their activities in moving toward achievement of their established objectives.

Recent years have seen heightened concern and focus on risk management, and it became increasingly clear that a need exists for a robust framework to effectively identify, assess, and manage risk. In 2001, COSO initiated a project, and engaged PricewaterhouseCoopers, to develop a framework that would be readily usable by managements to evaluate and improve their organizations' enterprise risk management.

The period of the framework's development was marked by a series of high-profile business scandals and failures where investors, company personnel, and other stakeholders suffered tremendous loss. In the aftermath were calls for enhanced corporate governance and risk management, with new law, regulation, and listing standards. The need for an enterprise risk management framework, providing key principles and concepts, a common language, and clear direction and guidance, became even more compelling. COSO believes this Enterprise Risk Management - Integrated Framework fills this need, and expects it will become widely accepted by companies and other organizations and indeed all stakeholders and interested parties.

Among the outgrowths in the United States is the Sarbanes-Oxley Act of 2002, and similar legislation has been enacted or is being considered in other countries. This law extends the long-standing requirement for public companies to maintain systems of internal control, requiring management to certify and the independent auditor to attest to the effectiveness of those systems. Internal Control - Integrated Framework, which continues to stand the test of time, serves as the broadly accepted standard for satisfying those reporting requirements.

This Enterprise Risk Management - Integrated Framework expands on internal control, providing a more robust and extensive focus on the broader subject of enterprise risk management. While it is not intended to and does not replace the internal control framework, but rather incorporates the internal control framework within it, companies may decide to look to this enterprise risk management framework both to satisfy their internal control needs and to move toward a fuller risk management process.

Among the most critical challenges for managements is determining how much risk the entity is prepared to and does accept as it strives to create value. This report will better enable them to meet this challenge.

John J. Flaherty, Chair, COSO
Tony Maki, Chair, COSO Advisory Council


Table of Contents

Executive Summary

Framework
1. Definition
2. Internal Environment
3. Objective Setting
4. Event Identification
5. Risk Assessment
6. Risk Response
7. Control Activities
8. Information and Communication
9. Monitoring
10. Roles and Responsibilities
11. Limitations of Enterprise Risk Management
12. What to Do

Appendices
A. Objectives and Methodology
B. Summary of Key Principles
C. Relationship Between Enterprise Risk Management - Integrated Framework and Internal Control - Integrated Framework
D. Selected Bibliography
E. Consideration of Comment Letters
F. Glossary
G. Acknowledgments

