In the United States, COSO published its Enterprise Risk Management Aligning Risk with Strategy and Performance
Question:
In the United States, COSO published its Enterprise Risk Management – Aligning Risk with Strategy and Performance (COSO ERM, or ERM framework) in 2017. In 2004, COSO identified a need for a robust framework to help companies effectively identify, assess, and manage risk. The resulting risk management framework expanded on the previously issued Internal Control – Integrated Framework, incorporating all key aspects of that framework in the broader ERM framework. COSO updated its Internal Control – Integrated Framework in 2013 and released an update to the 2004 ERM framework in 2017. COSO defines ERM as the culture, capabilities, and practices, integrated with strategy-setting and its execution, that organizations rely on to manage risk in creating, preserving, and realizing value.
In 2009, the International Organization for Standardization issued its standard ISO 31000:2009 (ISO 31000), the first globally recognized standard related to risk management. ISO 31000 was developed to provide a globally accepted way of viewing risk management, taking into consideration principles, frameworks, models, and practices that were evolving around the world. ISO 31000 includes three sections: principles, framework, and process.
Utilize the Knowledge Leader website and perform the following:
A. Authenticate to the Knowledge Leader website using your username and password.
B. Perform research on these two globally recognized risk management frameworks. Compare and contrast these frameworks. How do they differ? How are they similar?
C. Submit a brief write-up indicating the results of your research to your instructor.
Step by Step Answer:
Internal Auditing Assurance & Advisory Services
ISBN: 9780894139871
4th Edition
Authors: Urton L. Anderson, Michael J. Head, Sridhar Ramamoorti, Cris Riddle, Mark Salamasick, Paul J. Sobel