COSO Supports Integration of Strategy
and Enterprise Risk Management
COSO highlights specific areas where management can work with its board
to enhance the board's risk oversight capabilities for strategic advantage
November 4, 2009
ALTAMONTE SPRINGS, Fla. — The Committee of Sponsoring Organizations of the Treadway Commission (COSO) - an organization providing thought leadership and guidance on internal controls, enterprise risk management and fraud deterrence – has released a new thought paper, Strengthening Enterprise Risk Management for Strategic Advantage, that highlights specific areas where senior management can work with its board of directors to enhance the board's risk oversight capabilities and the organization's strategic value. This document builds upon four specific board risk oversight responsibilities outlined in a recently released COSO thought paper, Effective Enterprise Risk Oversight: The Role of the Board of Directors, to provide more detail on ways senior management can work with the board and others in the organization to strengthen risk management in all types of organizations.
"Management is often being asked to provide their boards with more information regarding key risk exposures," said COSO Chairman David Landsittel. "The challenge facing management is designing and implementing an enterprise wide approach to risk management that is both strategic and value-adding so that the board and senior management have a rich understanding of the organization's top risk exposures. This thought paper highlights four specific areas where management can work with their board to provide appropriate risk oversight related to strategies and objectives."
This thought paper calls attention to COSO's Enterprise Risk Management – Integrated Framework (2004), COSO's definition of ERM, and the key elements of effective board risk oversight. The paper builds upon four critical areas, which are also highlighted in COSO's Effective Enterprise Risk Oversight: The Role of the Board of Directors, to provide a basis for introspection about current approaches to risk management and to be a catalyst for management to strengthen its overall approach to enterprise wide risk management to help boards fulfill their risk oversight responsibilities.
"Through our hands-on work with boards and senior executives of organizations of all sizes and industries, we observe a desire for stronger integration of strategy execution and risk oversight," said Mark Beasley, Deloitte Professor of Enterprise Risk Management and Director of NC State's ERM Initiative. "This COSO thought paper provides a rich discussion of the many ways management and boards can work to capture the strategic advantage of an enterprise-wide approach to risk management."
COSO has developed these two thought papers on enterprise risk management to provide more in-depth discussion on how senior management can strengthen risk management processes for strategic advantage. Both thought papers can be downloaded for free at www.coso.org, in addition to the executive summary of COSO's Enterprise Risk Management – Integrated Framework (2004).
Originally formed in 1985 to sponsor the National Commission on Fraudulent Financial Reporting, COSO is a voluntary private sector organization dedicated to improving the quality of financial reporting through business ethics, effective internal controls, and corporate governance. COSO comprises the American Accounting Association (AAA), the American Institute of Certified Public Accountants (AICPA), Financial Executives International (FEI), the Institute of Management Accountants (IMA), and The Institute of Internal Auditors (IIA).
About NC State's ERM Initiative
The ERM Initiative in the College of Management at North Carolina State University is pioneering thought-leadership about the emergent discipline of enterprise risk management, with a particular focus on the integration of ERM in strategy planning and governance. The ERM Initiative conducts outreach to business professionals through executive education and hands-on advising, its internet portal (www.erm.ncsu.edu); research, advancing knowledge and understanding of ERM issues; and undergraduate and graduate business education for the next generation of business executives.