KnowledgeLeader Blog

Second Line of Defense: What Needs to Be Present

Posted by Protiviti KnowledgeLeader on Thu, May 02, 2019 @ 04:19 PM

What is the Second Line of Defense?

Essential to effective risk management, the lines-of-defense model is implicit in COSO’s internal control framework through the control environment, control activities, monitoring and other components of an internal control system. It provides assurance to the board of directors, as the elected representatives of the shareholders to oversee the organization’s operations on their behalf, that risks are reduced to a manageable level as dictated by the organization’s appetite for risk. Much more than “segregating incompatible duties” and “ensuring checks and balances,” the lines-of-defense model emphasizes a fundamental concept of risk management: From the boardroom to the customer-facing processes, managing risk is everyone’s responsibility.

Read More

Topics: enterprise risk management, corporate governance, internal audit, COSO, audit committee & board, strategic risk, KL Tools

What Is Intellectual Property and What Are the Risks?

Posted by Protiviti KnowledgeLeader on Thu, Feb 21, 2019 @ 05:15 PM

Copyright pirates, brand impersonators, patent flouters and trade secret thieves are a major threat to businesses, given their increased aggressiveness towards intellectual property (IP) theft. These, and any other original creative works that have economic value and are protected by law, can be categorized as IP.

Read More

Topics: enterprise risk management, risk assessment, strategic risk, data security, performance management/measurement, KL Tools, intellectual property

Currency Risk: The Purpose and Risk of Money

Posted by Protiviti KnowledgeLeader on Fri, Dec 14, 2018 @ 01:14 PM

What is Money?

People may say that “money is the root of all evil,” but is it? It may be best to point out that the original quote is better expressed as, “for the love of money is the root of all evil,” which more properly conveys the idea that money is just a thing and not evil itself, but greed and excessive desire for money can be judged morally.

Enough philosophy – let’s get down to brass tacks. Money is useful.

Read More

Topics: enterprise risk management, risk assessment, investments and foreign exchange, accounting/finance, cash and treasury, performance management/measurement, KL Tools, KL Publications

What is Organizational Alignment Risk?

Posted by Protiviti KnowledgeLeader on Thu, Feb 22, 2018 @ 11:33 AM

What is Organizational Alignment Risk?

Organizational alignment is defined as a conscious and systematic coordination and alignment of three powerful and interrelated driving forces: organizational strategy, organizational culture and organizational infrastructure. Organizational alignment is to be mutually supportive and contribute as efficiently and effectively as possible to meet organizational goals and objectives.

Read More

Topics: enterprise risk management, risk assessment, audit committee & board, strategic risk, performance management/measurement, KL Tools

Risk Assessment Maps and Prioritizing Business Processes

Posted by Protiviti KnowledgeLeader on Fri, Nov 17, 2017 @ 08:39 AM

Risk assessment helps identify and document critical business processes and the internal controls within each process. Combined with facilitated management meetings, this approach can help gain company-wide consensus by including key process owners in risk and controls analysis.

Read More

Topics: enterprise risk management, performance management, risk assessment, governance risk & compliance, performance measurement

What Is Internal Audit’s Role in Cyber Security?

Posted by Katrina Opgenorth on Fri, Jun 09, 2017 @ 08:57 AM

Corporations today are thinking about how to protect assets. A few of the white-collar crime problems include hacking/intrusions (cyber vulnerability), insider/outsider trading (convergence of cyber and financial crimes), the Foreign Corrupt Practices Act (FCPA), spear phishing (email compromise) and economic espionage. They must consider the possibility of internal corruption or external corruption, and environmental factors such as culture and competition contributing to these crimes. As protection, organizations can use cyber security, pen testing and data loss prevention tactics.

Read More

Topics: enterprise risk management, internal audit, internal controls, risk assessment, cybersecurity, IT controls

What is the COSO Enterprise Risk Management Framework?—Updated!*

Posted by Katrina Opgenorth on Mon, Feb 20, 2017 @ 09:00 AM

In initiating the project to update its ERM framework, COSO saw opportunities to achieve clarity on several fronts.  The updated framework recognizes the increasing importance of the interconnection of risk, strategy and enterprise performance – particularly in conjunction with making important decisions.  It begins with an underlying premise that every entity exists to provide value to its stakeholders and faces uncertainty in the pursuit of that value.  Therefore, the framework itself focuses on preserving and creating enterprise value, with an emphasis on managing risk within the entity’s risk appetite.  The term “uncertainty” is defined as not knowing how or if potential events may manifest themselves in the context of achieving future strategies and business objectives. “Risk” is considered the effect of such uncertainty in the formulation and execution of the business strategy and the achievement of business objectives.

Read More

Topics: enterprise risk management, COSO Framework

How to Define Risk Management Goals and Objectives in Your Organization

Posted by Lark Scheierman on Mon, Feb 13, 2017 @ 10:00 AM

Risk oversight and risk management are high priorities on the agenda of most organizations. Here are popular KnowledgeLeader tools that focus on risk management: 

Read More

Topics: enterprise risk management, risk management goals, risk management objectives

Keeping Pace with Change: Five Questions Directors Should Ask

Posted by Sharise Cruz on Wed, Dec 11, 2013 @ 02:59 PM

We all know that change is inevitable, but what can an organization do to keep its strategies and risk management capabilities on the same course as the ever-changing business environment?

Read More

Topics: Protiviti, enterprise risk management, corporate governance, Board Perspectives, audit committee & board, strategic risk

Raising the Bar: Auditing Your Enterprise Risk Management Program

Posted by Sharise Cruz on Wed, Oct 23, 2013 @ 11:36 AM

Read More

Topics: enterprise risk management, Hot Issues, internal audit, COSO, risk assessment, Dan Swanson, audit committee & board, governance risk & compliance


About KnowledgeLeader

KnowledgeLeader, provided by Protiviti, is the premier resource for internal audit and risk management professionals.

With over 1,400 customizable tools and 1,300 articles by industry experts, we offer the most comprehensive service on the market.
