Cantitate/Preț
Produs

Risk Assessment for Mid–Sized Organisations: COSO Tools for a Tailored Approach

De (autor)
Notă GoodReads:
en Limba Engleză Carte Paperback – 30 May 2017
Companies often struggle with the concept of enterprise risk management. The heart of ERM is the risk assessment process that has evolved from the COSO framework. This resource offers practical examples and explanations that lay out a clearly defined framework for approaching enterprise risk management from start to finish. It identifies risk at the entity level in small and medium size enterprises, and allows you to develop a tailored approach to an organization s risk management requirements.
The publication features tightly written strategies and helpful diagrams that translate COSO guidelines into tactical plans and it includes a free download containing:
  • A set of Excel worksheets that show how following the ERM tactics will impact quantitative financial measurements
  • A PowerPoint presentation for training staff that are involved in the ERM process
Together this approach will allow you to create a solid structure for a risk management process that helps you avoid the internal and external risks that damaged so many organizations in the recent past. You will be able to:
  • Create a common language to define, identify, evaluate, and manage risk
  • Establish and agree on risk tolerances and risk appetite
  • Identify risk management expectations, current gaps, and risk owners
  • Leverage cross–functional expertise to manage risk to within acceptable levels
Citește tot Restrânge

Preț: 26781 lei

Puncte Express: 402

Preț estimativ în valută:
5466 $ 4789£

Carte disponibilă

Livrare economică 06-18 iulie
Livrare express 28 iunie-04 iulie pentru 5901 lei

Preluare comenzi: 021 569.72.76

Specificații

ISBN-13: 9781940235080
ISBN-10: 1940235081
Pagini: 144
Dimensiuni: 213 x 280 x 8 mm
Greutate: 0.38 kg
Ediția: 2nd Edition
Editura: Wiley
Locul publicării: Hoboken, United States

Public țintă

CFOs, controllers, auditors

Cuprins

INTRODUCTION: EMBRACING ENTERPRISE RISK MANAGEMENT: PRACTICAL APPROACHES FOR GETTING STARTED 1 Overview and the Question of Where to Start? 1
Keys to Success 2
Theme 1. Support From the Top Is a Necessity 2
Theme 2. Build ERM Using Incremental Steps 3
Theme 3. Focus Initially on a Small Number of Top Risks 4
Theme 4. Leverage Existing Resources 5
Theme 5. Build on Existing Risk Management Activities 5
Theme 6. Embed ERM Into the Business Fabric of the Organisation 5
Theme 7. Provide Ongoing ERM Updates and Continuing Education for Directors and Senior Management 6
Initial Action Steps and Objectives 6
Step 1. Seek Board and Senior Management Leadership, Involvement and Oversight 8
Step 2. Select a Strong Leader to Drive the ERM Initiative 8
Step 3. Establish a Management Risk Committee or Working Group 9
Step 4. Conduct the Initial Enterprise–wide Risk Assessment and Develop an Action Plan 10
Step 5. Inventory the Existing Risk Management Practices 11
Step 6. Develop Your Initial Risk Reporting 13
Step 7. Develop the Next Phase of Action Plans and Ongoing Communications 14
Continuing ERM Implementation 15
Chapter Summary 16
Where to Start: Draft Action Plan for an ERM Initiative 16
1 COMPELLING REASONS FOR ENTERPRISE RISK MANAGEMENT 21
The Evolution of the COSO Internal Control: Integrated Framework to the COSO ERM Framework 23
2 ENTITY–WIDE RISK ASSESSMENT 25
Risk Tolerance 26
Materiality 27
Objective Setting 31
3 IDENTIFYING RISK: ENTITY–LEVEL VERSUS ACTIVITY–LEVEL 33
Risk Assessment 38
Probability 39
Potential Impact 41
4 RISK MANAGEMENT 45
Control Maturity 47
Residual Risk 48
5 ACTIVITY–LEVEL RISK ASSESSMENT 51
Understanding the Approach: Financial Reporting 51
Workshop Prerequisites 52
Risk Factor Rating System 53
Risk Factor Scale 54
Weighting of Risk Factors 54
Activity–Level Risk Factor Rating Table Guidelines 57
Activity–Level Inherent and Fraud Risks 59
6 UNDERSTANDING AND COMMUNICATING RISK APPETITE 61
Enterprise Risk Management and Decision Making 62
Develop Risk Appetite 62
Communicate Risk Appetite 62
Monitor and Update Risk Appetite 62
Can it Be Done? 63
Overview 64
Risk Appetite Is an Integral Part of Enterprise Risk Management 64
Considerations Affecting Risk Appetite 64
Steps in Adopting Risk Appetite 66
Risk Appetite Statements 66
Characteristics of Effective Risk Appetite Statements 67
Reluctance to Embrace Risk Appetite 68
Risk Appetites Are Not All the Same 68
Examples of Risk Appetite Statements 69
Risk Appetite and Risk Tolerance 71
Linking Risk Appetite and Risk Tolerance 72
Examples of Risk Tolerance Statements 74
Developing Risk Appetite 75
Facilitated Discussions 75
Discussions Related to Objectives and Strategies 76
Development of Performance Models 78
Communicating Risk Appetite 78
Broad Risk Appetite Statement 79
Risks Related to Organisational Objectives 79
Categories of Risk 80
Risk Appetite Cascades Through the Organisation 81
Monitoring and Updating Risk Appetite 82
Creating a Culture 82
Roles 83
Summary of Risk Appetite Considerations 86
EPILOGUE 89
REFERENCES 91
APPENDIX A: KEY TERMS 93
APPENDIX B: SAMPLE RISK LIBRARY 95
APPENDIX C: SAMPLE HEAT MAPS 97
APPENDIX D: SAMPLE CONTROL MATURITY MODELS 103
APPENDIX E: SAMPLE COMPANY MODEL MAPPED TO
ENTITY–WIDE RISK LIBRARY 107
APPENDIX F: EXAMPLES OF RISK ASSESSMENT REPORTING 115
APPENDIX G: SAMPLE OF A FINANCIAL REPORTING RISK LIBRARY (INHERENT AND FRAUD RISKS) 125

Notă biografică

Scott McKay is a partner at Cherry, Bekaert & Holland LLP and has been named practice leader for the firm s risk advisory services group. He formerly was employed with Cree, Inc. as the company s corporate controller and at McGladrey & Pullen LLP where he performed audit, awareness and risk advisory services for both public and private companies in a variety of industries. He is a Certified Public Accountant (CPA) in California and North Carolina and maintains several other professional credentials. He frequently is requested to speak on a variety of risk management topics at universities, professional institutions and other organizations.