COSO ERM Framework
The COSO Enterprise Risk Management framework provides a structured approach for organizations to identify, assess, and manage risks that could affect the achievement of strategic objectives.
Explanation
The 2017 COSO ERM framework is organized around five interrelated components: governance and culture, strategy and objective-setting, performance, review and revision, and information, communication, and reporting. It emphasizes integrating risk management with strategy and performance, moving beyond a compliance-only mindset. The framework applies to entities of all sizes and encourages consideration of risk appetite and risk tolerance in decision-making.
Key Points
- Five components: governance & culture, strategy & objective-setting, performance, review & revision, information & communication
- Integrates risk management with strategy and performance
- Risk appetite defines how much risk the organization is willing to accept
Exam Tip
Don't confuse COSO ERM (enterprise risk management) with the COSO Internal Control framework (five components focused on internal control over financial reporting).
Related Topics
Balanced Scorecard
The balanced scorecard is a strategic performance management framework that measures organizational success across four perspectives: financial, customer, internal processes, and learning and growth.
Cost Accounting
Cost accounting is the process of recording, classifying, analyzing, and allocating costs to products, services, or activities to support management decision-making.