Management of "risk appetite" a necessity, paper says


In order to balance risks and opportunities, organizations must develop, communicate, monitor and update their “risk appetites,” according to a white paper released Friday by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).

Authored by University of Wisconsin-Madison accounting professor Larry Rittenberg and Frank Martens, a director in the advisory practice of PwC, the paper defines risk appetite as the amount of risk on a broad level that an organization is willing to accept in pursuit of value.

The paper, titled Enterprise Risk Management–Understanding and Communicating Risk Appetite, says risk appetite should be communicated by management, embraced by the board and integrated throughout the entity. The paper provides real-world examples and says that the current financial crisis was caused, in part, because of a failure to articulate risk appetite and identify who was responsible when risks were incurred.

A board must consider whether its strategies are consistent with the organization’s risk appetite, according to the paper. Organizations are more likely to achieve their goals, the paper says, when properly communicated risk appetite guides management in setting goals and making decisions.

COSO is a joint initiative of five private-sector organizations, including the AICPA, providing guidance on enterprise risk management (ERM), internal control and fraud deterrence.

“Organizations encounter risk every day as they pursue their objectives, and risk appetite is an integral part of an effective ERM system,” Rittenberg said in a statement. “It may seem to be an elusive topic, but the reality is that a well-communicated risk appetite serves as a boundary around the amount of risk an organization might take on, and should be considered when setting strategy or business goals.”

Ken Tysiac ( ) is a JofA senior editor.

More from the JofA:

 Find us on Facebook  |   Follow us on Twitter  |   View JofA videos


News quiz: College debt, stolen identities, and retirement planning

See how much you know about these developments and others in the Journal of Accountancy news quiz.


Preventing and detecting fraud at not-for-profits

Organizations in all industries must deal with the potential for fraud to occur, and design controls to prevent and detect it. Environment, policies, and controls can help organizations steer clear of problems.


The dangers of dabbling

To meet evolving marketplace needs, CPAs often look to diversify their service offerings. Firms can mitigate the risk of experiencing competency-related professional liability claims by implementing these basic steps.