Part 1
Lecture 6
COSO (internal control framework)
• Control (internal) environment
• Risk assessment
• Control activities
• Information and communication
• Monitoring

COSO-ERM (enterprise risk management framework)
• Internal environment
• Objective setting
• Event identification
• Risk assessment
• Risk response
• Control activities
• Information and communication
• Monitoring
Copyright © Pearson Education Limited 2015.
COSO’s Enterprise Risk Management Framework
• COSO developed a model to illustrate the elements of ERM.
• Strategic objectives
▫ High-level goals
• Operations objectives
▫ Effectiveness and efficiency of operations
• Reporting objectives
▫ Improve decision making and monitor performance
• Compliance objectives
▫ Compliance with applicable laws and regulations
Internal Environment
• Management’s philosophy, operating style, and risk appetite
• Commitment to integrity, ethical values, and competence
• Internal control oversight by the Board of Directors
• Organizational structure
• Methods of assigning authority and responsibility
• Human resource standards