
COSO Enterprise Risk Management: Establishing Effective Governance, Risk, and Compliance Processes PDF

386 Pages·2011·4.08 MB·English

Preview COSO Enterprise Risk Management: Establishing Effective Governance, Risk, and Compliance Processes

COSO Enterprise Risk Management
Establishing Effective Governance, Risk, and Compliance Processes
Second Edition

ROBERT R. MOELLER

John Wiley & Sons, Inc.

Copyright © 2007, 2011 by John Wiley & Sons, Inc. All rights reserved. First edition 2007. Second edition 2011.
Published by John Wiley & Sons, Inc., Hoboken, New Jersey. Published simultaneously in Canada.

"PMI" and "PMBOK" are registered marks for the Project Management Institute, Inc.

No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600, or on the Web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. For more information about Wiley products, visit our web site at www.wiley.com.

Library of Congress Cataloging-in-Publication Data
Moeller, Robert R.
COSO enterprise risk management: establishing effective governance, risk, and compliance processes / Robert R. Moeller. 2nd ed.
p. cm. (Wiley corporate F&A; 560)
Includes index.
ISBN 978-0-470-91288-1 (hardback); ISBN 978-1-118-10252-7 (ebk); ISBN 978-1-118-10253-4 (ebk); ISBN 978-1-118-10254-1 (ebk)
1. Risk management. I. Title.
HD61.M568 2011
658.15'05 dc22
2011012021

Printed in the United States of America
10 9 8 7 6 5 4 3 2 1

To my wife and very best friend, Lois Moeller

Contents

Preface  xi

Chapter 1: Introduction: Enterprise Risk Management Today  1
    The COSO Internal Controls Framework: How Did We Get Here?  2
    The COSO Internal Controls Framework  3
    COSO Internal Controls: The Principal Recognized Internal Controls Standard  14
    An Introduction to COSO ERM  14
    Governance, Risk, and Compliance  15
    Global Computer Products: Our Example Company  16

Chapter 2: Importance of Governance, Risk, and Compliance Principles  21
    Road to Effective GRC Principles  22
    Importance of GRC Governance  23
    Risk Management Component of GRC  25
    GRC and Enterprise Compliance  26
    Importance of Effective GRC Practices and Principles  28

Chapter 3: Risk Management Fundamentals  31
    Fundamentals: Risk Management Phases  32
    Other Risk Assessment Techniques  45

Chapter 4: COSO ERM Framework  51
    ERM Definitions and Objectives: A Portfolio View of Risk  51
    COSO ERM Framework Model  55
    Other Dimensions of the ERM Framework  86

Chapter 5: Implementing ERM in the Enterprise  89
    Roles and Responsibilities of an Enterprise Risk Management Function  90
    Risk Management Policies, Standards, and Strategies  100
    Business, IT, and Risk Transfer Processes  105
    Risk Management Reviews and Corrective Action Practices  108
    ERM Communications Approaches  112
    CRO and an Effective Enterprise Risk Management Function  113

Chapter 6: Importance of Strong Enterprise Governance Practices  115
    History and Background of Enterprise Governance: A U.S. Perspective  116
    Enterprise Integrity and Ethical Behavior  119
    Disclosure and Transparency  125
    Rights and Equitable Treatment of Shareholders and Key Stakeholders  126
    Governance Role and Responsibilities of the Board  128
    Governance as a Key Element of GRC  128

Chapter 7: Enterprise Compliance Issues Today  131
    Compliance Issues Today  132
    Establish a Compliance Assessment Team  133
    Compliance Risk Assessments and Compliance Program Reviews  136
    Work Unit–Level Compliance Tracking and Review Processes  138
    Compliance-Related Procedures and Staff Education Programs  141
    Enterprise Hotline Compliance and Whistleblower Support  142
    Assessing the Overall Enterprise Compliance Program  144

Chapter 8: Integrating ERM with COSO Internal Controls  147
    COSO Internal Controls Background and Earlier Legislation  147
    Efforts Leading to the Treadway Commission  151
    COSO Internal Controls Framework  156
    COSO Internal Controls and COSO ERM: Compared  174

Chapter 9: Sarbanes-Oxley and Enterprise Risk Management Concerns  177
    Sarbanes-Oxley Act Background  177
    SOx Legislation Overview  179
    Enterprise Risk Management and SOx Section 404 Reviews  193
    Internal Controls Reporting and Materiality  198
    PCAOB Risk-Based Auditing Standards  199
    Sarbanes-Oxley: The Other Sections  200
    SOx and COSO ERM  201

Chapter 10: Corporate Culture and Risk Portfolio Management  203
    Whistleblower and Hotline Functions  204
    Risk Portfolio Management  208
    Integrated Enterprise-Wide Risk Management  211

Chapter 11: OCEG Capability Model GRC Standards  215
    GRC Capability Model "Red Book"  215
    Other OCEG Materials: The "Burgundy Book"  223
    Level and Scope of the OCEG Standards-Setting Authority  224

Description:
A fully updated, step-by-step guide for implementing COSO's Enterprise Risk Management. COSO Enterprise Risk Management, Second Edition clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM fra
