Posts Tagged ‘ERM’
A Messy Picture for Risks in 2022
Consulting firm Protiviti recently published its annual survey of enterprise risks worrying corporate leaders for the coming year. As always, the survey is worth a look so you can decipher what might be on the minds of your board and C-suite, and then anticipate the ways they’ll likely exasperate you over the next 12 months.…
Citigroup, Part II: Better ERM Program
Today we continue our in-depth look at the enforcement action against Citigroup, because the case truly does raise a host of interesting audit and compliance issues. Our prior post looked at Citigroup’s struggles with data governance; now let’s examine how the bank needs to revamp its enterprise risk management. The consent order from the Office…
Guest Column: COSO at a Tipping Point?
Nearly 30 years ago as a young bank auditor, I learned about a private sector initiative known as “The Committee of Sponsoring Organizations of the Treadway Commission,” or more simply, “COSO.” It was the mid-1980s. The savings & loan crisis was raging. COSO was, and continues to be, a joint effort of five private sector organizations…
Podcast: New COSO Chairman Sobel
Internal control and risk management enthusiasts, listen up: we have a new podcast with incoming COSO chairman Paul Sobel, who talked about his desire for COSO to publish more guidance to help companies understand how to put its internal control and risk management frameworks to good, practical use. As always, you can listen to the…
SEC Looking for Chief Risk Officer
Audit and risk professionals with a yearning for public service at a good salary, you have a new option: the Securities and Exchange Commission is looking for its first-ever chief risk officer. The agency posted the job this week. Salary is $185,000 to $245,000, which is on par with what CROs earn in the private…
COSO Debuts Final ERM Framework
COSO unveiled its new framework for enterprise risk management this morning, a trimmed down version of the original draft that still places a heavy emphasis on embedding risk management across the whole enterprise and tying it deeply to corporate strategy. The framework is available at www.COSO.org. It’s the result of nearly three years’ work and…
SEC DERA, We Love You!
Let’s all be honest: the Securities and Exchange Commission is not known for a sense of humor. This is too bad, because at least some individual SEC employees I’ve met over the years have been quite funny. Their inner comedian yearns to break free in a litigation release or SEC comment letter, only to be…
More Details on COSO ERM Framework
More news on the COSO framework for enterprise risk management: the final framework will consist of 20 principles rather than the originally proposed 23; the “ERM rainbow” graphic will be replaced with a more DNA-like image; and yes, COSO intends to have the complete framework ready for public consumption by sometime in July. That’s the…
Update to COSO’s ERM Framework Update
COSO plans to simplify its forthcoming framework for enterprise risk management, paring back some of the 23 proposed principles and renaming some of the framework’s five components, according to a project summary PwC has been circulating lately. A friend of the cause passed along that presentation to me earlier this week, and the framework’s development…
Amazon.com Launching New ERM Effort
Spotted on the Internet this weekend: Amazon.com is looking for a program manager to join a newly formed enterprise risk management team—which means, of course, that Amazon has a newly formed ERM team. That’s news to me. The job description says Amazon wants to create a new, centralized ERM function that acts as an adviser…