Committee of Sponsoring Organisations of the Treadway Commission (COSO): ERM - Integrated Framework
Arose out of need for robust framework to effectively identify, assess & manage risk
Developed jointly with PwC
ERM Framework with key principles & concepts, a common language, and clear direction and guidance
US Sarbanes-Oxley Act of 2002
Underlying premise of ERM: every firm exists to provide stakeholder value
All firms face uncertainty
Value maximised: management sets strategy and objectives to strike optimal balance between growth & return goals & related risks, efficiently and effectively deploys resources
ERM comprises: (1) aligning risk appetite & strategy; (2) enhancing risk responses, (3) reducing operational surprises & losses, (4) identifying and managing multiple & cross-enterprise risks; (5) seizing opportunities; and (6) improving deployment of capital
Events: risks and opportunities
May be negative, positive or both: Positive may offset negative impacts or represent opportunities.
Management channels opportunities back to strategy or objective setting processes, formulating plans to seize opportunities
ERM Defined: Process, effected by board, management and other personnel, applied in strategy setting and across firm, designed to identify potential events that may affect firm, and manage risk to be within its risk appetite
Objectives: (1) strategic, (2) operations, (3) reporting, (4) compliance
Components of ERM: (1) internal environment, (2) objective setting, (3) event identification, (4) risk assessment, (5) risk response, (6) control activities, (7) information and communication, (8) monitoring
Relationship of objectives and components
Direct relationship
Effectiveness: Exercise of judgment resulting from assessment of whether 8 components are present & functioning effectively
Limitations: There are always limitations. Human judgment in decision-making is fallible; decisions on responding to risk and establishing controls need to consider relative costs and benefits; and breakdowns occur because of human failures
Encompasses Internal Control: integral part of ERM
Roles and responsibilities
CEO: ultimately responsible and ought to assume ownership
Other managers
Use of COSO based ERM report
Board
Senior management
Other entity personnel
Regulators
Professional bodies
Educators