Businesses can’t eliminate risk, but they can manage it to maximize the entity’s economic return. A new framework aims to help business owners and managers more effectively integrate enterprise risk management (ERM) practices into their overall business strategies.
On September 6, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) published Enterprise Risk Management — Integrating with Strategy and Performance. You can use the updated framework to develop a more effective risk management strategy and to monitor the results of your ERM practices.
The updated framework discusses ERM relative to the changes in the financial markets, the emergence of new technologies and demographic changes. It’s organized into five interrelated components:
- Governance and culture. This refers to a company’s tone and oversight function. It includes ethics, values and identification of risks.
- Strategy and objective setting. Proactive managers align the company’s appetite for risk with its strategy. This serves as the basis for identifying, assessing and responding to risk. By understanding risks, management enhances decision making.
- Performance. Management must prioritize risks, allocate its finite resources and report results to stakeholders.
- Review and revision. ERM is a continuous improvement process. Poorly functioning components may need to be revised.
- Information, communication and reporting. Sharing information is an integral part of effective ERM programs.
COSO Chair Robert Hirth said in a recent statement, “Our overall goal is to continue to encourage a risk-conscious culture.” He also said that the updated framework is not intended to replace COSO’s Enterprise Risk Management — Integrated Framework. Rather, it’s meant to reflect how the practice of ERM has evolved since 2004.
The updated framework clarifies several misconceptions from the previous version. Specifically, effective ERM encompasses more than taking an inventory of risks; it’s an entity-wide process for proactively managing risk. Additionally, internal control is just one small part of ERM; ERM includes other topics such as strategy setting, governance, communicating with stakeholders and measuring performance. These principles apply at all business levels, across all functions and to organizations of any size.
Moreover, the update enables management to better anticipate risk so they can get ahead of it, with an understanding that change creates opportunities — not simply the potential for crises. In short, it helps increase positive outcomes and reduce negative surprises that come from risk-taking activities.
ERM in the future
We can help you identify and optimize risks in today’s complex, volatile and ambiguous business environment. We’re familiar with emerging ERM trends and challenges, such as dealing with prolific data, leveraging artificial intelligence and automating business functions. Contact us for help adopting cost-effective ERM practices to help make your business more resilient.
Information provided on this web site “Site” by Thompson Greenspon is intended for reference only. The information contained herein is designed solely to provide guidance to the user, and is not intended to be a substitute for the user seeking personalized professional advice based on specific factual situations. This Site may contain references to certain laws and regulations which may change over time and should be interpreted only in light of particular circumstances. As such, information on this Site does NOT constitute professional accounting, tax or legal advice and should not be interpreted as such.
Although Thompson Greenspon has made every reasonable effort to ensure that the information provided is accurate, Thompson Greenspon, and its shareholders, managers and staff, make no warranties, expressed or implied, on the information provided on this Site, or about any other website which you may access through this Site. The user accepts the information as is and assumes all responsibility for the use of such information. Thompson Greenspon also does not warrant that this Site, various services provided through this Site, and any information, software or other material downloaded from this Site, will be uninterrupted, error-free, omission-free or free of viruses or other harmful components.
Information contained on this Site is protected by copyright and may not be reproduced in any form without the expressed, written consent of Thompson Greenspon. All rights are reserved.
Ready to talk to one of our specialists?
Our specialists are all seasoned professionals who have years of experience working within your industry. Reach out to us today to schedule a consultation.