Risk management involves the identification, assessment, and prioritization of risks and the application of resources to minimize, control, and mitigate the impact of unfortunate events on a business. It is the job of a board to oversee that their management teams have adequate risk management policies and procedures in place. A major part of any risk oversight plan is determining a company’s risk appetite: the amount of risk an organization is willing to accept in pursuit of strategic objectives. When done right, it is a robust process that can help management and the board understand exposures and make appropriate risk-based strategic decisions.
PwC’s 2015 Annual Corporate Directors Survey
Directors have become more confident in their ability to oversee risk and are taking more concrete actions to deter fraud and ensure appropriate “tone at the top.”
COSO ERM framework update addresses risk management changes
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has issued for comment a draft of an update to its 2004 ERM framework.