Week4 Discussion
ITS 835
Unit 4
Frameworks
ISO 31000/Updated ISO 31000
COSO
COSO II
ISO 31000/Updated
History of 31000
Structure of 31000
Current Use of 31000
Exhibit: ISO 31000 Enterprise Risk Management Process Chart
3
COSO
History of COSO
Structure of COSO
Current Use of COSO
4
COSO II
History of COSO II
Structure of COSO II
Current Use of COSO II
Exhibit COSO II
5
Corporate Objectives
Risk Management Process (ISO 31000)
Internal Audit
COSO Lines of Defense
COSO’s Lines of Defense
First Line: Business and Operating Units
Second Line: Risk and Compliance Functions
Third Line: Internal Audit
Measuring Performance
Conventional Performance Metrics
Non-Financial Measures
Methodology of Determining Appropriate Performance Metrics
Executive Buy-In
Single biggest factor when it comes to successful Enterprise Risk Management (ERM) is executive support
Responsibility for ERM starts at the top
Every manager is responsible
References
COSO (2013). Retrieved from https://www.coso.org.
CAN/CSA-ISO 31000-10 (2009). Risk Management – Principles and Guidelines, International Standards Organization/Canadian Standards Association.