COSO Enterprise Risk Management Understanding the New Integrated ERM Framework
by Robert R. Moeller
Corporations face increasing risks in business operations in today’s competitive environment. However until very recently all organizations, including non-profits and governments, have not had a consistent definition of what is meant by risk management. All of that changed in 2004 when the Committee on Sponsoring Organizations (COSO) launched a new risk management definition called COSO enterprise risk management or COSO ERM. This new framework provides both a structure and definition allowing organizations to understand and manage their risk environments. The author’s objective in this book is to assist business professionals to understand risk management and effectively implement the COSO ERM framework.
The book starts with the importance of ERM in today’s organization and the fundamentals. It moves on to the components of COSO ERM and organizational objectives. The next chapters deal with implementing the framework and integrating it with COSO internal controls. Coverage continues with topics relating ERM with Sarbanes-Oxley, the corporate board room, internal audit, project management and information technology. The book concludes with establishing an effective risk culture and the global perspective of ERM.
When reviewing this book I did notice that each chapter begins with a large type font and then shifts to a smaller type which detracts from readability. I am not sure if this was intentional or a production oversight. In light of the number of books published by Wiley my feeling is this occurred in production and the publisher should be able to correct when they reprint.
While I tend to lean towards books with checklists and tools with value-added take away features, this work does provide all the foundations for a skill set in COSO ERM. All in all, Mr. Moeller provides auditors with the most current information on the new framework and would be a valuable addition to the professional library.