Chpt_7_outline_-_ERM_model

CHAPTER 7 OUTLINE - ERM

COSO Framework – Enterprise Risk Management
COSO – Internal Control Framework (ICF) – The ICF had a major impact on guiding internal control frameworks

COSO 1992: Internal Control Framework. Objectives: efficiency, effectiveness, reporting, compliance
COSO 2004 - ERM: Expands COSO’s ICF. Enterprises create value. Risk response
SEC 2003: COSO’s ICF serves as a framework for Sarbox Section 404
COBIT 1996 / 2005: Information must meet COSO criteria; IT resources must be controlled; 34 IT processes must be controlled
FASB 1995: SAS 78 adopts COSO 1992
FASB 2001: SAS 94 modifies SAS 78 to incorporate the effect of IT on an audit
IT gains prevalence

Source: Adapted from Gelinas and Dull, 2007
The ERM framework

According to ERM, companies have four objectives (the top of the cube):
1. Strategic objectives –
2. Operations objectives –
3. Reporting objectives –
4. Compliance objectives –
These goals permeate the company at all organizational levels (the side of the cube)

There are eight elements of risk and control components that must be addressed by companies (the front of the cube). These are discussed in depth in the book; we'll discuss three of them.

1. Internal Environment (a.k.a. control environment)
First it focuses on employees
A. Top Management
B. Board of Directors
C. Commitment to Integrity, Ethics, and Competence
Then it addresses the operations of the organization:
D. Organizational structure
   Reporting lines
   Company and segment organization
E. Responsibility assignments
F. Employee development
And acknowledges that external influences may affect the internal structure, such as regulations imposed by the SEC, stock exchanges, FASB, etc.

5. Risk Assessment and Response
Will be covered extensively in your auditing class; this is a preview
Two types of risk:
1. Inherent risk
2. Residual risk
Risk assessment
Expected value of risk (i.e., expected loss) =...