COSO is an organization dedicated to providing thought leadership and guidance on internal control, enterprise risk management and fraud deterrence.
COSO releases draft update to its 2004 Enterprise Risk Management – Integrated Framework (Framework) for a public comment period ending on September 30th.
As part of COSO’s efforts to solicit public feedback in the development of the COSO Framework, we encourage you to download the updated draft Framework at erm.coso.org and provide comments by September 30th.
The draft update, titled: Enterprise Risk Management – Aligning Risk with Strategy and Performance (updated Framework) reflects input from hundreds of business and risk professionals, senior executives and board members, academics and government representatives from across the globe.
Visit pwc.com/coso-erm, your gateway to learn more about the major concepts and themes of the updated draft Framework and how they may impact your business.
Originally developed in 2004 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the COSO ERM – Integrated Framework is one of the most widely recognized and applied risk management frameworks in the world.
The Framework provides guidance to boards and management to manage risks from strategy setting through execution and recognizes the increasing importance of the connection between strategy and entity performance.
Hundreds of business executives and risk professionals from around the world asked us how they could use Enterprise Risk Management (ERM) programs more strategically to create value-driven performance.
We listened and so did the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Together we set out to update the ERM – Integrated Framework (the Framework) to address how the alignment of risk, strategy and performance could create unprecedented opportunity for optimal business performance.
Originally issued in 2004 by COSO, the Framework is one of the most widely recognized and applied enterprise risk management frameworks in the world.
COSO will release a draft of the new Framework to the public for a 90-day comment period soon. While it’s consistent with the 2004 version, it provides boards and management with the principles to manage risk, from strategy-setting through execution. It clearly establishes the connections between risk, strategy and performance to create, preserve and realize value.
In a separate initiative, COSO released the updated Internal Control–Integrated Framework in May 2013. The 2013 Framework superseded the original 1992 Framework and went into effect at the end of the transition period on December 15, 2014.
Blog: PwC to update COSO Enterprise Risk Management - Integrated Framework
COSO has elected PwC to lead the process of reviewing and updating its Enterprise Risk Management Framework. Learn more about the effort.
10Minutes on why the COSO Update deserves your attention
PwC - 5/14/13
COSO has published a PwC-authored update to its framework, the first in over 20 years, which gives you an opportunity to refresh your controls for today's environment.
COSO Seeks Public Comment on Update to Enterprise Risk Management – Integrated Framework
COSO – 06/14/2016
COSO unveiled an update to its Enterprise Risk Management – Integrated Framework and is seeking public comment of the proposal June 15. The update is designed to address the needs of all organizations to improve their approach to managing new and existing risks as a way to help create, preserve, sustain and realize value.
COSO white paper explains how to leverage COSO framework across three lines of defense
COSO - 07/07/2015
This new COSO white paper advocates applying the Three Lines of Defense model for clearly defining responsibilities for three aspects of risk: risk ownership, risk monitoring, and risk assurance. Functions that own and manage risks are the first line. Various risk control and compliance functions that monitor risks are the second line. Internal audit, which provides independent assurance on the effectiveness of control and compliance functions, is the third line.
COSO Names Advisory Group for ERM-Integrated Framework Update
COSO - 02/09/2015
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) announced the appointed group of advisors and observers for the project to review and update the 2004 Enterprise Risk Management–Integrated Framework (Framework). The group is made up of representatives from leading professional service, technological, legal, academic and public organizations.
COSO report offers guidance on using Frameworks to assess cyber risks
COSO - 01/14/2015
COSO has published a new thought leadership paper titled COSO in the Cyber Age to provide direction on how the Internal Control-Integrated Framework (2013) and the Enterprise Risk Management-Integrated Framework (2004) can help organizations effectively and efficiently evaluate and manage cyber risks.
COSO announces project to update Enterprise Risk Management–Integrated Framework
COSO - 10/21/2014
COSO announced a project to review and update the 2004 Enterprise Risk Management–Integrated Framework (Framework). The Framework is a widely accepted framework used by management to enhance an organization’s ability to manage uncertainty and to consider how much risk to accept as it strives to increase stakeholder value. This initiative is intended to (1) enhance the Framework’s content and relevance in an increasingly complex business environment and (2) develop tools to assist management in reporting risk information and in reviewing and assessing the application of enterprise risk management.