COSO updates its Enterprise Risk Management – Integrated Framework: comments requested
- Published: Wednesday, 15 June 2016 08:53
In response to the importance of risk management as well as growing complexity and speed of risk over the past decade, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) has updated its Enterprise Risk Management – Integrated Framework and is seeking public comments on the changes.
The update, ‘Enterprise Risk Management — Aligning Risk with Strategy and Performance’, is designed to address the needs of all organizations to improve their approach to managing new and existing risks as a way to help create, preserve, sustain and realize value.
COSO, which provides thought leadership and guidance on internal control, enterprise risk management, and fraud deterrence, released the original ERM Framework in 2004. Today, it is used widely to enhance an organization’s ability to manage uncertainty, gauge risk, and increase stakeholder value. However, significant new risks have emerged since the Framework was released, demanding heightened board awareness and oversight of risk management as well as improved risk reporting.
“As we’ve seen the Framework applied in practice, we’ve recognized that it has the potential to be used more extensively,” said Robert B. Hirth Jr., COSO Chair. “We realized that certain aspects would benefit from more depth and clarity, as well as greater insight into the links between strategy, risk and performance.”
The update ‘reflects the critical importance of the connection between strategy and performance, offers perspective on current and evolving concepts and applications of enterprise risk management, and updates the core definitions of risk and enterprise risk management’.
One of the most significant enhancements is the introduction of components and supporting principles that reflect the evolution of risk management thinking and practices.
Enterprise Risk Management — Aligning Risk with Strategy and Performance also updates the importance of enterprise risk management’s role in strategic planning and emphasizes how critical it is to embed risk management practices across all departments and functions of an organization.
COSO engaged PwC, author of the original 2004 Framework, to lead the update to the Framework under direction of the COSO Board. The COSO Board also formed an Advisory Council comprising representatives of industry, academia, government, and nonprofit organizations to provide input as the project progresses.
Public comments on the updates will be accepted from June 15th through to September 30th, 2016. Written comments on the exposure draft will become part of the public record and will be available on the COSO website until December 31st, 2016.