Enterprise Risk Management


Linda Batch

on 15 June 2015


Transcript of Enterprise Risk Management

COSO Enterprise Risk Management
Committee of Sponsoring Organizations

- American Accounting Association
- American Institute of CPAs
- Institute of Management Accountants
- The Institute of Internal Auditors
- Financial Executives International

In 2006, CFO magazine released a poll regarding the control frameworks that were implemented by companies:

COSO 82%
COSO Enterprise Risk Management Integrated Framework

1977 - The US implemented the Foreign Corrupt Practices Act, which criminalized transnational bribery and required companies to implement internal control processes.

1985 - The Treadway Commission
- a private sector initiative
- make recommendations on fraudulent financial reporting
This has been adopted around the world
Who uses it?
board of directors and management

In the future, where are we taking this company and how are we going to get there?
What is it used for?
Set Strategy
Identify events that may have a material impact

Assess and Manage the risks associated with the events
Governance to ensure strategies and objectives are met.

Recap - Control Concepts
Internal Control
A process designed to provide reasonable assurance regarding the achievement of corporate objectives
- Effective and efficient operations
- Reliability of reporting
- Compliance with laws and regulations
Categories of Controls
General Controls
Ensure the control environment is stable
Impacts the entire organization
Application Controls
Ensure transactions are processed correctly
Only specific processes are impacted
Functions of Controls
Preventive Controls
Detective Controls
Corrective Controls
Scenario 1
Before sending out an invoice, the accounts receivable clerk queries the shipping data to ensure the items being invoiced have been sent to the customer.

Scenario 2
You are completing a trial balance in a traditional accounting system and it does not balance.

Scenario 3
Unless overridden through a special procedure, all quantities on electronic purchase orders that exceed the standard reorder level listed in the supply table are rolled back to the standard amount.
Preventive, Detective or Corrective?
Let's focus on
Internal Environment
Refer to the Springer's Lumber and Supply
Refer to the Eight Components of Risk Management Exercise on Slate (Module 5)
Who created the COSO ERM Framework?
Why was it created?
Why are we studying the COSO ERM Framework?
Internal Environment
Management's philosophy, operating style and risk appetite
The board of directors - represent shareholders
Commitment to integrity, ethical values and
Organizational structure
Methods of assigning authority and responsibility (DOAG)
Human resource standards (hiring, performance evaluations
External influences (stock exchanges, IFRS)
Shared beliefs and attitudes about risks that affect policies and procedures - how much risk is management willing to accept to achieve their goals
Board of Directors
Audit committee
Approve strategy
Review security policies
Commitment to integrity, ethical values, and
Organizational Structure - Hierarchical, Matrix
Methods of assigning authority and responsibility such as delegation of authority guidelines, and signing authority limits
Human Resource Standards
External Influences