New COSO Help on Sustainability Reporting

ESG

COSO dropped extensive new guidance this week on how companies can build effective internal control over sustainability reporting, to assure that the ESG disclosures your company might make have the same accuracy and reliability that exists for financial reporting. COSO published the guidance on Thursday — 114 pages of it, walking the reader through every…


COSO Guidance on Cloud Computing Issues

cloud

COSO released another guidance document last week, this one talking about how to apply COSO’s enterprise risk management framework for issues in cloud computing. Considering that just about every business under the sun is migrating to the cloud, and that the compliance risks within such migration can be considerable, let’s take a look at what…


New Guidance From COSO, SCCE 

COSO

COSO and the Society of Corporate Compliance & Ethics released guidance today about how to integrate corporate ethics and compliance concerns into a company’s larger risk management program, complete with a list of best practices for compliance programs mapped to COSO’s enterprise risk management framework. It’s a useful document for people who like to think…


New COSO Risk Appetite Guidance

COSO

News for all you guidance enthusiasts: COSO just released a 40-page primer on how to define your organization’s risk appetite, and then weave that risk appetite into corporate strategy and decision-making. The booklet is available for free on the COSO website, and is the latest in a series of smaller, focused pieces of guidance that…


COSO Guidance for Healthcare Firms

COSO

Fresh news on the guidance front: COSO has released a new guide to help healthcare organizations implement its internal control framework, which is widely used by public companies. Nonprofit hospitals and related healthcare firms don’t need to use the COSO internal control framework per se, but they do have plenty of internal issues related to system access…


Guest Column: COSO at a Tipping Point?

COSO

Nearly 30 years ago, as a young bank auditor, I learned about a private sector initiative known as “The Committee of Sponsoring Organizations of the Treadway Commission,” or more simply, “COSO.” It was the mid-1980s. The savings & loan crisis was raging. COSO was, and continues to be, a joint effort of five private sector organizations…


Podcast: New COSO Chairman Sobel

sobel

Internal control and risk management enthusiasts, listen up: we have a new podcast with incoming COSO chairman Paul Sobel, who talked about his desire for COSO to publish more guidance to help companies understand how to put its internal control and risk management frameworks to good, practical use. As always, you can listen to the…


COSO Names New Chairman

sobel

COSO has named Paul Sobel, the chief audit executive of Georgia-Pacific Corp., as its next chairman, and he already says one of his likely priorities will be offering more guidance on how companies can put COSO risk and control frameworks to better use. Sobel has been head of audit at Georgia-Pacific since 2011, and was head…


COSO Debuts Final ERM Framework

COSO unveiled its new framework for enterprise risk management this morning, a trimmed down version of the original draft that still places a heavy emphasis on embedding risk management across the whole enterprise and tying it deeply to corporate strategy. The framework is available at www.COSO.org. It’s the result of nearly three years’ work and…


More Details on COSO ERM Framework

erm framework

More news on the COSO framework for enterprise risk management: the final framework will consist of 20 principles rather than the originally proposed 23; the “ERM rainbow” graphic will be replaced with a more DNA-like image; and yes, COSO intends to have the complete framework ready for public consumption by sometime in July. That’s the…
