SU5.1 Flashcards
(29 cards)
What does COSO stand for?
Committee of Sponsoring Organisations of the Treadway Commission
What is the purpose of the COSO ERM framework?
To provide guidance on enterprise risk management (ERM), internal control, and fraud prevention
What is a fundamental principle of good risk management according to COSO?
Good risk management is necessary for long term success
Why was the COSO ERM framework updated in 2017?
The risk landscape has evolved dramatically and organizations need to be more adaptive to changes
What is the underlying premise of ERM?
Every entity exists to provide value for its stakeholders
How does ERM help entities?
Enhances capacity to create, preserve, and realize value
What are the four ways value can be affected by management decisions?
- Created
- Preserved
- Eroded
- Realized
What is value creation?
When the benefits derived from resources deployed exceed the cost of those resources used
What does value preservation focus on?
Resources used in day-to-day operations to create sustained value
What is value erosion?
When management implements a strategy not yielding expected outcomes
What is value realization?
When stakeholders receive benefits created by the entity
Why is it important to apply ERM?
- Achieve performance and profitability targets
- Avoid negative surprises
- Ensure effective reporting
- Ensure compliance with laws and regulations
- Gain competitive advantage
- Create and protect value
What does governance refer to in the context of ERM?
Allocation of roles, authorities, and responsibilities among stakeholders
What is internal control in the context of ERM?
The process to provide reasonable assurance that objectives will be achieved
How does COSO define Enterprise Risk Management (ERM)?
The culture, capabilities, and practices integrated with strategy-setting and performance that organizations rely on to manage risk
What role does culture play in ERM?
Culture is shaped by people at all levels and influences how ERM practices are implemented
What does developing capabilities in ERM entail?
Capacity to adapt to change and anticipate challenges that may hinder success
What does applying practices in ERM mean?
ERM is continually applied to all activities and is part of management decisions at all levels
What is the relationship between ERM and strategy-setting?
ERM integrates with daily tasks and aligns strategies with the organization’s mission
What is risk appetite?
The range of appropriate practices that guides risk-based decisions
What are the five interrelated components of the COSO ERM framework?
- Governance & Culture
- Strategy & Objective-Setting
- Performance
- Review & Revision
- Information, Communication, & Reporting
How many principles are associated with the COSO ERM framework?
20 principles
What is ISO 31000?
A family of codified standards relating to risk management
What does the ISO 31000 standard provide?
Principles, a framework, and a process to manage any type of risk
