COSO Enterprise Risk Management How do we use the COSO ERM framework?
Contents
Enterprise Risk Management (ERM) ‘Integrated Framework’

FUNDAMENTALS & ROLES
• The Fundamentals
• COSO Enterprise Risk Management
• Role of Executive Management
• Role of the Director
• Role of the Chief Risk Officer
• Risk Management Oversight Structure
• Role of Internal Audit

IMPLEMENTATION
• Risk Management Vision and Objectives
• Conducting Risk Assessments
• Getting Started – Set the Foundation
• Building & Enhancing Capabilities
• Building a Compelling Business Case
• Making it Happen
• Relevance to Sarbanes-Oxley Compliance
• Other Questions

The Fundamentals

What is Enterprise Risk Management (ERM)?

“a process, effected by an entity’s board of directors, management and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”

• A process, ongoing and flowing through an entity
• Effected by people at every level of an organization
• Applied in strategy-setting
• Applied across the enterprise, at every level and unit, and includes taking an entity-level portfolio view of risk
• Designed to identify potential events affecting the entity and manage risk within its risk appetite
• Able to provide reasonable assurance to an entity’s management and board
• Geared to the achievement of objectives in one or more separate but overlapping categories – it is “a means to an end, not an end in itself.”

Why implement ERM?

• Reduce unacceptable performance variability
• Align and integrate varying views of risk management
• Build confidence of investment community and stakeholders
• Enhance corporate governance
• Successfully respond to a changing business environment
• Align strategy and corporate culture

Traditional Risk Management: protecting the tangible assets reported on a company’s balance sheet and the related contractual rights and obligations (physical and financial assets)

ERM: enhancing business strategy

Five broad categories of assets representing sources of value

• Physical
• Financial
• Customer
• Employee/Supplier
• Organizational

... and management?
Management’s choices as to the relevant business objectives, the specific risk responses and the allocation of entity resources are management decisions and are not part of ERM Risk