Buch, Englisch, 366 Seiten, Format (B × H): 183 mm x 260 mm, Gewicht: 921 g
Reihe: Wiley Corporate F&A
Buch, Englisch, 366 Seiten, Format (B × H): 183 mm x 260 mm, Gewicht: 921 g
Reihe: Wiley Corporate F&A
ISBN: 978-0-470-91288-1
Verlag: Wiley
COSO Enterprise Risk Management, Second Edition clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM framework. The Second Edition discusses the latest trends and pronouncements that have affected COSO ERM and explores new topics, including the PCAOB's release of AS5; ISACA's recently revised CobiT; and the recently released IIA Standards.
* Offers you expert advice on how to carry out internal control responsibilities more efficiently
* Updates you on the ins and outs of the COSO Report and ist emergence as the new platform for understanding all aspects of risk in today's organization
* Shows you how an effective risk management program, following COSO ERM, can help your organization to better comply with the Sarbanes-Oxley Act
* Knowledgeably explains how to implement an effective ERM program
Preparing professionals develop and follow an effective risk culture, COSO Enterprise Risk Management, Second Edition is the fully revised, invaluable working resource that will show you how to identify risks, avoid pitfalls within your corporation, and keep it moving ahead of the competition.
Autoren/Hrsg.
Fachgebiete
Weitere Infos & Material
Preface xi
Chapter 1: Introduction: Enterprise Risk Management Today 1
The COSO Internal Controls Framework: How Did We Get Here? 2
The COSO Internal Controls Framework 3
COSO Internal Controls: The Principal Recognized Internal Controls Standard 14
An Introduction to COSO ERM 14
Governance, Risk, and Compliance 15
Global Computer Products: Our Example Company 16
Chapter 2: Importance of Governance, Risk, and Compliance Principles 21
Road to Effective GRC Principles 22
Importance of GRC Governance 23
Risk Management Component of GRC 25
GRC and Enterprise Compliance 26
Importance of Effective GRC Practices and Principles 28
Chapter 3: Risk Management Fundamentals 31
Fundamentals: Risk Management Phases 32
Other Risk Assessment Techniques 45
Chapter 4: COSO ERM Framework 51
ERM Definitions and Objectives: A Portfolio View of Risk 51
COSO ERM Framework Model 55
Other Dimensions of the ERM Framework 86
Chapter 5: Implementing ERM in the Enterprise 89
Roles and Responsibilities of an Enterprise Risk Management Function 90
Risk Management Policies, Standards, and Strategies 100
Business, IT, and Risk Transfer Processes 105
Risk Management Reviews and Corrective Action Practices 108
ERM Communications Approaches 112
CRO and an Effective Enterprise Risk Management Function 113
Chapter 6: Importance of Strong Enterprise Governance Practices 115
History and Background of Enterprise Governance: A U.S. Perspective 116
Enterprise Integrity and Ethical Behavior 119
Disclosure and Transparency 125
Rights and Equitable Treatment of Shareholders and Key Stakeholders 126
Governance Role and Responsibilities of the Board 128
Governance as a Key Element of GRC 128
Chapter 7: Enterprise Compliance Issues Today 131
Compliance Issues Today 132
Establish a Compliance Assessment Team 133
Compliance Risk Assessments and Compliance Program Reviews 136
Work Unit-Level Compliance Tracking and Review Processes 138
Compliance-Related Procedures and Staff Education Programs 141
Enterprise Hotline Compliance and Whistleblower Support 142
Assessing the Overall Enterprise Compliance Program 144
Chapter 8: Integrating ERM with COSO Internal Controls 147
COSO Internal Controls Background and Earlier Legislation 147
Efforts Leading to the Treadway Commission 151
COSO Internal Controls Framework 156
COSO Internal Controls and COSO ERM: Compared 174
Chapter 9: Sarbanes-Oxley and Enterprise Risk Management Concerns 177
Sarbanes-Oxley Act Background 177
SOx Legislation Overview 179
Enterprise Risk Management and SOx Section 404 Reviews 193
Internal Controls Reporting and Materiality 198
PCAOB Risk-Based Auditing Standards 199
Sarbanes-Oxley: The Other Sections 200
SOx and COSO ERM 201
Chapter 10: Corporate Culture and Risk Portfolio Management 203
Whistleblower and Hotline Functions 204
Risk Portfolio Management 208
Integrated Enterprise-Wide Risk Management 211
Chapter 11: OCEG Capability Model GRC Standards 215
GRC Capability Model ''Red Book'' 215
Other OCEG Materials: The ''Burgundy Book'' 223
Level and Scope of the OCEG Standards-Setting Authority 224
Chapter 12: Importance of GRC Principles in the Board Room 225
Board Decisions and Risk Management 226
Board Organization and Governance Rules 230
Corporate Charters and the Board Committee Structure 231
Audit Committees and Managing Risks 235
Establishing a Board-Level Risk Committee 238
Audit and Risk Committee Coordination 244
COSO ERM and Corporate Governance 245
Chapter 13: Role of Internal Audit in Enterprise Risk Management 247
Internal Audit Standards for Evaluating Risk 248
COSO ERM for More Effective Internal Audit Planning 251
Risk-Based Internal Audit Findings and Recommendations 264
COSO ERM and Internal Audit 265
Chapter 14: Understanding Project Management Risks 267
Proje
