The Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued Internal Control – Integrated Framework to help businesses and other entities assess and enhance their internal control systems. That framework has since been incorporated into policy, rule, and regulation, and used by thousands of enterprises to better control their activities in moving toward achievement of their established objectives.
The underlying premise of COSO’s Enterprise Risk Management – Integrated Framework is that every entity exists to provide value for its stakeholders. All entities face uncertainty, and the challenge for management is to determine how much uncertainty to accept as it strives to grow stakeholder value. Uncertainty presents both risk and opportunity, with the potential to erode or enhance value. Enterprise risk management enables management to effectively deal with uncertainty and associated risk and opportunity, enhancing the capacity to build value.
Value is maximized when management sets strategy and objectives to strike an optimal balance between growth and return goals and related risks, and efficiently and effectively deploys resources in pursuit of the entity’s objectives. Enterprise risk management encompasses:
Aligning risk appetite and strategy
Management considers the entity’s risk appetite in evaluating strategic alternatives, setting related objectives, and developing mechanisms to manage related risks.
Enhancing risk response decisions
Enterprise risk management provides the rigor to identify and select among alternative risk responses – risk avoidance, reduction, sharing, and acceptance.
Reducing operational surprises and losses
Entities gain enhanced capability to identify potential events and establish responses, reducing surprises and associated costs or losses.
Identifying and managing multiple and cross-enterprise risks
Every enterprise faces a myriad of risks affecting different parts of the organization, and enterprise risk management facilitates effective response to the interrelated impacts, and integrated responses to multiple risks.
By considering a full range of potential events, management is positioned to identify and proactively realize opportunities.
Improving deployment of capital
Obtaining robust risk information allows management to effectively assess overall capital needs and enhance capital allocation.
RISKID has a structured process for risk management that complies to the COSO Enterprise Risk Management Framework. Stakeholders are involved in the risk management processes through a very easy and user-friendly way. We strongly believe that effective risk management can only be achieved by raising the risk awareness of the whole organization. When people can openly communicate their risks and concerns with others, they will become more alert of each others risks and consequently they will be able to tailor their actions to the actions of others. Their actions will become more effective, which will ultimately contribute to the success of the organization.
Go back to the overview >>