The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released an updated risk framework that highlights the importance of enterprise risk management's (ERM's) role in strategic planning.
The framework, Enterprise Risk Management—Integrating With Strategy and Performance, builds on 2004's Enterprise Risk Management—Integrated Framework.
"The complexity of risk has changed, new risks have emerged, and both boards and executives have enhanced their awareness and oversight of enterprise risk management while asking for improved risk reporting," said Bob Hirth, COSO's chair. "Our overall goal is to continue to encourage a risk-conscious culture."
The first part of the updated framework offers a perspective on current and evolving concepts and applications of ERM to meet the evolving business environment's demands. The framework is divided into five components that accommodate different viewpoints and operating structures to enhance strategies and decision-making.
The updated framework focuses on challenges and evolving expectations of ERM that business leaders deal with today when making decisions, from fast-changing technology to shifts in economic markets to changing demographics.
"When embedding ERM in both day-to-day and strategic decision-making, ERM adds identifiable value," said Suzanne Christensen, CPA, treasurer and head of investor relations and risk at Invesco and a member of the framework update advisory group. "The new guide better supports this objective by providing clearer linkage between ERM and decision-making."
The updated framework was developed by PwC under the direction of the COSO board. COSO plans for the framework to be translated into several languages, including Chinese, Japanese, Spanish, and French.
The document is available in printed form, ebook, online subscription, and PDF licensing for organizations. COSO released its proposed ERM framework about a year ago and allowed public comment through last September.
COSO is a committee of five sponsoring organizations, including the AICPA, that provides thought leadership and guidance on ERM, internal control, and fraud deterrence.