COSO

COSO and the Society of Corporate Compliance & Ethics released guidance today about how to integrate corporate ethics and compliance concerns into a company’s larger risk management program, complete with a list of best practices for compliance programs mapped to COSO’s enterprise risk management framework. It’s a useful document for people who like to think…

Read More
COSO

News for all you guidance enthusiasts: COSO just released a 40-page primer on how to define your organization’s risk appetite, and then weave that risk appetite into corporate strategy and decision-making.  The booklet is available for free on the COSO website, and is the latest in a series of smaller, focused pieces of guidance that…

Read More
COSO

Fresh news on the guidance front: COSO has released a new guide to help healthcare organizations implement its internal control framework widely used by public companies. Nonprofit hospitals and related healthcare firms don’t need to use the COSO internal control framework per se, but they do have plenty of internal issues related to system access…

Read More
COSO

Nearly 30 years ago as young bank auditor, I learned about a private sector initiative known as “The Committee of Sponsoring Organizations of the Treadway Commission,” or more simply, “COSO.” It was the mid-1980s. The savings & loan crisis was raging. COSO was, and continues to be, a joint effort of five private sector organizations…

Read More
sobel

Internal control and risk management enthusiasts, listen up: we have a new podcast with incoming COSO chairman Paul Sobel, who talked about his desire for COSO to publish more guidance to help companies understand how to put its internal control and risk management frameworks to good, practical use. As always, you can listen to the…

Read More
sobel

COSO has named the chief audit executive of Georgia-Pacific Corp., Paul Sobel, as its next chairman, who already says one of his likely priorities will be offering more guidance on how companies can put COSO risk and control frameworks to better use. Sobel has been head of audit at Georgia-Pacific since 2011, and was head…

Read More

COSO unveiled its new framework for enterprise risk management this morning, a trimmed down version of the original draft that still places a heavy emphasis on embedding risk management across the whole enterprise and tying it deeply to corporate strategy. The framework is available at www.COSO.org. It’s the result of nearly three years’ work and…

Read More
erm framework

More news on the COSO framework for enterprise risk management: the final framework will consist of 20 principles rather than the originally proposed 23; the “ERM rainbow” graphic will be replaced with a more DNA-like image; and yes, COSO intends to have the complete framework ready for public consumption by sometime in July. That’s the…

Read More
coso

Interesting news on the framework front: COSO has agreed to work with the World Business Council for Sustainable Development to develop guidance on how to embed sustainable business practices into COSO’s forthcoming framework for enterprise risk management. The two groups announced their partnership last Friday; the guidance should arrive sometime in 2018. I hadn’t heard…

Read More