COSO Committee of Sponsoring Organizations of the Treadway Commission
The ERM Framework introduces the concepts of risk appetite and risk tolerance.
- Risk appetite is the broad-based amount of risk an entity is willing to accept in pursuit of its mission/vision. It serves as a guidepost in strategy-setting and selecting related objectives.
- Risk tolerance is the acceptable level of variation in performance relative to achievement of objectives. In setting risk tolerance levels, management considers the relative importance of the related objectives and aligns risk tolerance with risk appetite.
Operating within risk tolerance provides management greater assurance that the entity remains within its risk appetite, which in turn provides added comfort that the entity will achieve its objectives. The concept of risk tolerance is included in the Framework as a precondition to internal control, but not as a part of internal control.
Generated November 9, 2014 22:46:48