COSO ERM Framework
The Committee of Sponsoring Organizations (COSO) of the Treadway
Commission [1] is the guiding force behind the COSO Enterprise Risk
Management (ERM) framework, which emphasizes the importance of
identifying and managing risks across the enterprise. While many
organizations perform risk management within each subdivision, the
vision of COSO is that these risks are aggregated and viewed from the
top as an overall portfolio of risk. COSO is the predominant risk
framework organizations use to comply with the Sarbanes-Oxley Act of
2002, and is a basis of the Japanese Financial Internal Controls act
("JSOX").
The COSO ERM framework incorporates and expands upon COSO's
groundbreaking 1992 study, Internal Control–Integrated Framework,
which many organizations adopted, especially with the reporting
requirements of Sarbanes-Oxley.

COSO's new ERM framework consists of eight components: internal
environment, objective setting, event identification, risk assessment,
risk response, control activities, information and communication, and
monitoring. The three new components of the COSO framework are
objective setting, event identification, and risk response. And the
five taken from the control model are broader in their descriptions
and in terms of the practical guidance. Author PricewaterhouseCoopers
estimates that 60 percent of the new document is leveraged from COSO's
earlier work. But because risk is a more all-encompassing topic than
internal control, the resulting discussion found in the new framework
is much more comprehensive than its predecessor.
From a broader perspective, the framework is expected to be a useful
tool that boards and other stakeholders can use to measure how well
their management teams are handling the risks they face. It is
designed to answer the question, "Do we have a risk management program
in place in our organization?"
COSO also hopes that exposing the framework for public comment will
help ensure its validity and power.
[1] COSO is a voluntary private sector organization dedicated to
improving the quality of financial reporting through business
ethics, effective internal controls, and corporate governance. COSO
was originally formed in 1985 to sponsor the National Commission on
Fraudulent Financial Reporting, an independent private sector
initiative which studied the causal factors that can lead to
fraudulent financial reporting and developed recommendations for
public companies and their independent auditors, for the SEC and
other regulators, and for educational institutions.
The National Commission was jointly sponsored by the five major
financial professional associations in the United States, the
American Accounting Association, the American Institute of Certified
Public Accountants, the Financial Executives Institute, the
Institute of Internal Auditors, and the National Association of
Accountants (now the Institute of Management Accountants). The
Commission was wholly independent of each of the sponsoring
organizations, and contained representatives from industry, public
accounting, investment firms, and the New York Stock Exchange.
The Chairman of the National Commission was James C. Treadway, Jr.,
Executive Vice President and General Counsel, Paine Webber
Incorporated and a former Commissioner of the U.S. Securities and
Exchange Commission. (Hence, the popular name "Treadway
Commission"). Currently, the COSO Chairman is John Flaherty,
Chairman, Retired Vice President and General Auditor for PepsiCo
Inc.
http://www.coso.org/