John Wiley & Sons Enterprise Risk Management Cover This new publication includes invaluable guidance for anyone responsible for or advising on an enter.. Product #: 978-1-941651-08-7 Regular price: $74.67 $74.67 Auf Lager

Enterprise Risk Management

Guidance for Practical Implementation and Assessment



1. Auflage Februar 2018
64 Seiten, Softcover
Wiley & Sons Ltd

ISBN: 978-1-941651-08-7
John Wiley & Sons

Jetzt kaufen

Preis: 79,90 €

Preis inkl. MwSt, zzgl. Versand

This new publication includes invaluable guidance for anyone responsible for or advising on an enterprise risk management process (ERM), whether the process is in its early stages or is already well established. This resource will help you ensure the ERM process is well designed, well executed, and ultimately successful.

Global, economic, and regulatory conditions as well as everyday internal risks can affect business operations, so it's important to have a process in place that identifies these events and manages risks. This guide leverages the concepts of existing frameworks as a foundation for providing illustrative examples, best practices, and guidance for implementing or assessing an enterprise risk management process.

Recognition iii

1 Overview of the Enterprise Risk Management Guide 1

I. Introduction 1

II. Who Should Use this Guide 1

III. Conceptual Basis 2

2 ERM Concepts and Components 3

I. What does ERM Encompass? 3

Events, Opportunities and Risks 3

The Importance of Taking an Enterprise View 3

Risk Appetite, Risk Tolerance, and Risk Attitude 4

II. Components of Enterprise Risk Management 4

1.0 Internal Environment 5

2.0 Objective Setting 5

3.0 Event Identification 6

4.0 Risk Assessment 8

5.0 Risk Response 11

6.0 Control Activities 12

7.0 Information and Communication 13

8.0 Monitoring 13

III. ERM Roles and Responsibilities 14

Entity Roles 14

Board or Equivalent Roles 14

Entity Management 14

Internal Auditors 15

The Role of External Parties in the ERM Process 15

3 ERM Program Development 17

I. Mobilize 17

Establishing Appropriate Sponsorship 18

Project Governance 18

Planning and Launch 18

Timeline 19

II. Current State Analysis 19

Current State Considerations 19

Gather Documentation 20

Timeline 20

III. Future State Operating Model Design 20

Peer and Industry Analysis . 21

Develop a Target ERM Operating Model and Framework 21

Develop the ERM Risk Appetite and Risk Tolerances 21

Link Current ERM Activities to the ERM Program Plan 23

Documenting ERM Policies 23

ERM Program Scalability and Related Considerations 23

3 ERM Program Development--continued ERM Program Technology Considerations 23

Timeline 24

IV. Gap Analysis 24

Preliminary Observations 24

Recommendations 24

Timeline 24

V. Implementation 25

Develop Implementation Roadmap 25

Project Planning 25

Communication and Training 25

Design Program Performance Metrics 26

Changes to the Implementation Plan 26

Timeline 27

4 ERM Program Maturity Monitoring and Evaluation 29

I. ERM Program Evaluation 29

Approach to an ERM Program Evaluation 30

II. Keeping Up with Change 30

III. Understanding Continuous Improvement 31

IV. Commitment to Continuous Improvement 32

Glossary of Terms 33

Appendix Page

A COSO and ISO 31000 Framework Mapping 35

B Example ERM Program Maturity Self-Assessment 45

C References 53
Founded in 1887, the American Institute of Certified Public Accountants (AICPA) represents the CPA and accounting profession nationally and globally regarding rule-making and standard-setting, and serves as an advocate before legislative bodies, public interest groups and other professional organizations. The AICPA develops standards for audits of private companies and other services by CPAs; provides educational guidance materials to its members; develops and grades the Uniform CPA Examination; and monitors and enforces compliance with the accounting profession's technical and ethical standards.
The AICPA's founding established accountancy as a profession distinguished by rigorous educational requirements, high professional standards, a strict code of professional ethics, a licensing status and a commitment to serving the public interest.