The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has published new guidance, ‘Creating and Protecting Value: Understanding and Implementing Enterprise Risk Management’ to better inform organisations on the benefits of Enterprise Risk Management (ERM).
The guidance is based on good practices used by organisations that take an incremental, step-by- step approach to implementing ERM. It offers ‘succinct, tangible steps to implement an effective ERM program’.
As noted in the paper, any ERM initiative needs to be carefully tailored to the needs and context of a specific organisation. The updated COSO ERM Framework clarifies both the relationship between strategy and risk and that the objective of ERM is to assist the organisation to achieve its strategy and business objectives. Understanding these two points is not only critical for ERM success but important in setting the right risk culture.
It’s worth reading the paper which you can find on the COSO website. Even if your organisation does not follow the COSO model (and might instead follow ISO 31000 or other industry standards), it’s worth checking your ERM framework against the suggestions in the paper as a means of continual improvement.