COSO Risk Management Plan
LAW/531 BUSINESS LAW
March 18, 2013
Nicole Harrison
COSO Learning Activity
Beasley, Hancock and Branson (2009) have mentioned that “Many senior executives and their organization’s board of directors are working to strengthen risk oversight so that they are better informed about emerging risk exposures, particularly those impacting strategy” (p. 01). This statement makes clear that companies are looking for better ways to manage risk and are using techniques to help achieve this goal.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is an organization leading the way in providing frameworks and guidance on enterprise risk management, internal control and fraud deterrence designed to improve organizational performance and governance and to reduce the extent of fraud (COSO, 2013). It is a joint initiative of five private-sector organizations: the American Accounting Association, the American Institute of CPAs, the Financial Executives International, the Association of Accountants and Financial Professionals in Business and the Institute of Internal Auditors.
The objective of this paper is to identify recommendations on how it would be useful for an organization to adopt COSO as the structure for its own corporate compliance plan. According to Steinberg (2011), “In recent years, to complement the use of key performance indicators, which focus primarily on past performance, more organizations have adopted forward-looking key risk indicators to further enhance risk management effectiveness” (p. 01). Corporations monitor their performance based on key performance indicators (KPIs) that provide a trend from a time in the past to date.
This performance trend can be compared to others, such as competitors and general industry performance, to assess how the business is moving ahead. But that is not enough. Risk-management specialists and organizations like COSO suggest that corporations start looking at Key Risk Indicators (KRIs). Those indicators look to the future of the business and its industry and enable management to deal with risk events more quickly (Steinberg, 2011). The KRIs can be part of the strategic plan of a corporation and help to create a more precise SWOT analysis by using real ratios instead of mere market assumptions.
Beasley, Hancock and Branson (2009) say that “Risk management and strategy-setting activities are often viewed as separate and distinct, with risk management sometimes stigmatized as being a non-value adding, compliance, or regulatory function with no visible or clearly articulated connection to the organization’s strategy” (p. 13). Corporations should review this outdated concept and start using the power of risk management as an essential element of their strategy.
COSO presents its own definition of Enterprise Risk Management (ERM) and summarizes important elements of a successful implementation. The organization defines ERM in Beasley, Hancock and Branson’s article (2009) as “A process, effected by the entity’s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within the risk appetite, to provide reasonable assurance regarding the achievement of objectives” (p. 4). COSO is a great source of knowledge and experience for companies of all sizes. A financial crisis, a simple change in the market, the complexity of business transactions, advances in technology, globalization, and the speed of product cycles can be fatal for any business and, in order to avoid that, managers, executives, and boards should strengthen risk management in their organizations.
References
COSO, Committee of Sponsoring Organizations of the Treadway Commission (2013). About Us. Retrieved from http://www.coso.org/
Beasley, Mark S., Hancock, Bonnie V., and Branson, Bruce C. (2009). Strengthening Enterprise Risk Management for Strategic Advantage. Committee of Sponsoring Organizations of the Treadway Commission (COSO).
Steinberg, Richard M. (2011). Using the New COSO Risk-Management Guidance. ERM & Internal Controls. Haymarket Media, Inc.