KnowledgeLeader Blog

Given the dynamic environment, the audit committee should take a close look at the company’s risk profile at least annually. Ideally, this review should be supported by an updated risk assessment by management. As the committee evaluates disclosure issues, an understanding of the key risks can provide valuable insights.

Topics: Enterprise Risk Management, Risk Assessment, Audit Committee & Board, Strategic Risk

Expectations for transaction monitoring (TM) governance are quickly evolving due to the complexity of detection systems, the demand for additional operational oversight, increased regulatory scrutiny and the need for an adequate control framework to guarantee proper risk management.

Topics: Enterprise Risk Management, Laws & Regulations, Fraud, Foreign Corrupt Practices Act, Compliance, Financial Services Industry

The point of the article, of course, was that people must focus their attention in the correct places when considering what would most influence their quality of life. That same exact issue exists within organizations where the board and management must ensure that they build and sustain the long-term health of the company.

Topics: Enterprise Risk Management, Internal Audit, Audit Committee & Board, IT Infrastructure

The chief audit executive (CAE) and internal audit can play one or more of the following roles in conjunction with the implementation of enterprise risk management (ERM) in an organization.

Topics: Enterprise Risk Management, Internal Audit, Risk Assessment, Audit Planning, Strategic Risk

WHAT DOES COSO STAND FOR?

In 1992, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) developed a COSO Framework for evaluating internal controls. This model has been adopted as the generally accepted framework for internal control and is widely recognized as the definitive standard against which organizations measure the effectiveness of their systems of internal control. 

Topics: Enterprise Risk Management, Corporate Governance, COSO, Audit Committee & Board

Everyone talks about the need for good risk management programs, but nobody seems to know how to audit them to ensure that they work. The people that bear responsibility for setting the parameters of an enterprise risk management (ERM) program is pretty clear: the board of directors and the C-level executives. They decide what the risks are, what level of risk they’re willing to tolerate and what risks they do not want to tolerate. They are responsible for monitoring and responding to ERM outputs and obtaining assurance that the organization’s risks are acceptably managed within the specified boundaries.

 

Topics: Enterprise Risk Management, Internal Audit, COSO, Risk Assessment, Audit Committee & Board, Governance, Risk & Compliance

Many organizations have failed to keep pace with changing trends in risk and compliance. Resource allocation for many risk and compliance initiatives implemented under pressure of a crisis to demonstrate urgency and prioritization or regulators has proven to be unsustainable.

Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Strategic Risk, Agile Auditing

While strategy-setting defines an enterprise’s overall strategic direction, differentiating capabilities and required infrastructure, a business plan lays out how an organization intends to execute a strategy during an annual period or, if longer, the operating cycle. Organizations should ask themselves: How should risk be integrated into the annual business planning process?

Topics: Enterprise Risk Management, Risk Assessment, Governance, Risk & Compliance, Business Continuity Management

Organizations have learned many lessons over the years from specific financial crises. For example, if a chief executive ignores the warning signs posed by the risk management function, resists contrarian information suggesting the corporate strategy is either not working or losing relevance, or fails to consider critical risks when evaluating whether to enter a new market or consummate a complex acquisition, the shareholders and other constituents can end up paying a high price.

Topics: Enterprise Risk Management, Internal Audit, Audit Committee & Board, Strategic Risk

We all know that change is inevitable, but what can an organization do to keep its strategies and risk management capabilities on the same course as the ever-changing business environment? 

Topics: Enterprise Risk Management, Corporate Governance, Audit Committee & Board, Strategic Risk