
COSO: Current ERM Challenges and Our Responses



RIMS 2012 Annual Conference

April 17, 2012

by David Landsittel, COSO Chairman


About COSO

Formed in 1985 to sponsor a Commission to examine fraudulent financial reporting

A joint initiative of five private sector organizations

Sponsors:

American Accounting Association (AAA)

American Institute of Certified Public Accountants (AICPA)

Financial Executives International (FEI)

Institute of Management Accountants (IMA)

The Institute of Internal Auditors (IIA)


Mission

COSO’s Mission is “To provide thought leadership through the development of comprehensive frameworks and guidance on enterprise risk management, internal control and fraud deterrence designed to improve organizational performance and governance and to reduce the extent of fraud in organizations.”

COSO’s Fundamental Principle

Good risk management and internal control are necessary for the long-term success of all organizations


COSO’s Three Areas of Focus

Enterprise Risk Management

Internal Control

Fraud Deterrence



Timeline

1987: Treadway Commission Report

1992: Internal Control – Integrated Framework

1996: Internal Control Issues in Derivatives

1999: Fraud Study I - Fraudulent Financial Reporting: 1987-1997

2004: Enterprise Risk Management Framework

2006: Guidance for Smaller Businesses on Internal Control over Financial Reporting

2009: Guidance on Monitoring Internal Control Systems

2010: Fraud Study II - Fraudulent Financial Reporting: 1998-2007

2010-2012: Recent ERM thought papers on current issues



COSO ERM Framework

Issued in 2004

Fundamental characteristics

A portfolio view of risks at the entity-level

Risk identification, prioritization, and response

Managing risk within the entity’s risk appetite

Consideration of risks in formulation of strategy

Widely but not universally used

Implementation not as robust



Some Current ERM Challenges that Impact COSO

Uneven support to adopt any formal risk management process

Less than robust ERM implementation

Difficulty “getting started” with ERM implementation

Failure to consider low likelihood but high impact risks – overconfidence

Inadequate board oversight of risk management – and regulatory pressure mounting for better oversight

Immature development of risk appetite



COSO ERM Response

Our objective – to assist stakeholders in moving up the “maturity curve” of an effective ERM process



COSO ERM “Thought Papers”

  • “Effective Enterprise Risk Oversight: The Role of Board of Directors” – 09/2009

  • “Strengthening Enterprise Risk Management for Strategic Advantage” – 10/2009

  • “Board Risk Oversight – A Progress Report” – 12/2010

  • “COSO’s 2010 Report on ERM” – 12/2010

  • “Embracing Enterprise Risk Management: Practical Approaches for Getting Started” – 01/2011

  • “Developing Key Risk Indicators to Strengthen Enterprise Risk Management” – 01/2011

  • “Understanding and Communicating Risk Appetite” – 01/2012

  • “Enhancing Board Oversight: Avoiding Judgment Traps and Biases” – 03/2012

    Coming Soon:

    • “COSO Enterprise Risk Management for Cloud Computing”


1. “Effective Enterprise Risk Oversight: The Role of Board of Directors”

Outlines four areas contributing to effective ERM board oversight

  • Understanding risk appetite

  • Understanding how an entity’s portfolio of risks aligns with risk appetite

  • Understanding most significant risks and how management is responding

  • Understanding and assessing risk management processes


2. “Strengthening Enterprise Risk Management for Strategic Advantage”

Focuses on how management can work with board to enhance board’s oversight capabilities

Discusses the four ERM focus areas noted on preceding slide, but from a management perspective



3. “Board Risk Oversight – A Progress Report”

  • Major findings:

    • Strong majority reports boards not executing mature/robust risk oversight processes

    • Overall dissatisfaction in the way risk is considered in context of enterprise’s strategy

    • Processes for monitoring and reporting of risks should be enhanced

    • Public companies report better processes than other enterprises



4. “COSO’s 2010 Report on ERM: Current State of Enterprise Risk Oversight”

  • The state of ERM appears to be relatively immature, with a notable level of dissatisfaction with how organizations are currently overseeing enterprise-wide risks

  • Reporting of top risk exposures to the board appears to be casual and unstructured

  • Most respondents believe that the COSO ERM Framework is theoretically sound and describes key elements of a robust ERM process



5. “Embracing Enterprise Risk Management: Practical Approaches for Getting Started”

  • Describes how an organization can start to move from informal risk management to ERM

  • Discusses the increasing importance of an enterprise focus on risks

  • Examines perceived barriers to starting ERM and working through those barriers



6. “Developing Key Risk Indicators to Strengthen Enterprise Risk Management”

  • Emphasizes need for ERM processes that focus on forward-looking information – i.e. key risk indicators or “KRIs”

  • Illustrates how KRIs heighten board and management enterprise risk awareness

  • Provides practical examples to help executives develop effective KRIs



7. “Understanding and Developing Risk Appetite”

  • Emphasizes that risk appetite is the amount of risk an organization is willing to accept in pursuit of its objectives

  • Stresses that risk and strategy are intertwined – strategy must be formulated with due regard to risk appetite

  • Points out that risk appetite should be communicated by management, embraced by the board, and integrated throughout the entity

  • Emphasizes that well-communicated risk appetite serves as a boundary around the amount of risk an organization might take on



8. “Enhancing Board Oversight: Avoiding Judgment Traps and Biases”

Observes that the complexities of the global business environment place a premium on sound judgment and decision making

Highlights some pitfalls and biases in judgment to which decision makers are vulnerable

Details a five-step judgment process that board members and others can use to overcome common pitfalls and mitigate the effects of judgment bias



“COSO Enterprise Risk Management for Cloud Computing” – Coming Soon

Emphasizes that cloud computing entails new business risks because it brings to organizations a different dimension of collaboration and human interaction, among others

Applies COSO ERM model to risk considerations

Points out that, for many organizations, applying cloud computing with appropriate risk mitigation in place will bring multiple benefits


David Landsittel

www.coso.org

Thank You

