COSO ERM Framework/Activities
Internal Environment: Risk Management Philosophy –Board of Directors –Establish Risk Management Framework–Organizational Structure –Assignment of Authority and Responsibility
Objective Setting: Strategic Objectives ––Develop Risk Appetite / Risk Tolerances
Event Identification: Identify potential threats –Events –Influencing Factors –Event Interdependencies –Event Categories –Distinguish Risks/Opportunities
Risk Assessment: Inherent and Residual Risk –Establishing Likelihood and Impact –Data Sources –Assessment Techniques
Risk Response: Evaluating Possible Responses –Selected Responses –Portfolio View
Control Activities: Integration with Risk Response –Types of Control Activities
Information and Communication: Relevant information is identified and communicated
Ongoing Monitoring: Coordinating Risk Activities–Reporting Deficiencies
Replies