COSO drafts updated approach to enterprise risk management

The proposal would clarify concepts introduced in 2004.

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has published Enterprise Risk Management—Aligning Risk With Strategy and Performance.

The draft of the updated framework proposes:

  • Five components supported by 23 principles. The components are risk governance and culture; risk, strategy, and objective setting; risk in execution; risk information, communication, and reporting; and monitoring ERM performance.
  • A new definition of ERM.
  • An emphasized relationship between risk and value.
  • Renewed focus on the integration of ERM throughout management, linking it to decision-making.
  • Examining the role of culture.
  • Strategic focus on the potential misalignment of mission, vision, and values; the implications of the chosen strategy; and the risk to executing the strategy.
  • Delineating between ERM and internal control. COSO updated its internal control framework in 2013 to reflect changes in technology and the business environment. The proposed framework on ERM neither replaces nor supersedes the internal control document, which was an articulation of 17 principles spread across five main components.
  • Refining risk appetite and acceptable variation in performance. Risk and performance are not considered static and separate but are constantly changing and influencing each other.
  • An update to the "COSO cube," from the 2004 framework.

COSO is a committee of five sponsoring organizations, including the AICPA. The organizations come together periodically to provide thought leadership on ERM, internal control, and fraud deterrence.

COSO is seeking public comment on the exposure draft through Sept. 30. Comments can be made by visiting


Year-end tax planning and what’s new for 2016

Practitioners need to consider several tax planning opportunities to review with their clients before the end of the year. This report offers strategies for individuals and businesses, as well as recent federal tax law changes affecting this year’s tax returns.


News quiz: Retirement planning, tax practice, and fraud risk

Recent reports focused on a survey that gauges the worries about retirement among CPA financial planners’ clients, a suit that affects tax practitioners, and a guide that offers advice on fraud risk. See how much you know with this short quiz.


Bolster your data defenses

As you weather the dog days of summer, it’s a good time to make sure your cybersecurity structure can stand up to the heat of external and internal threats. Here are six steps to help shore up your systems.