05984nam 2200577 a 450 991087741490332120200520144314.01-283-22791-697866132279111-118-26914-41-118-10252-5(CKB)2550000000042754(EBL)697656(OCoLC)811494190(SSID)ssj0000529403(MiAaPQ)EBC697656(EXLCZ)99255000000004275420110322h20112007 uy 0engurcnu||||||||txtrdacontentcrdamediacrrdacarrierCOSO enterprise risk management establishing effective governance, risk, and compliance processes /Robert R. Moeller2nd ed.Hoboken, N.J. Wiley2011, c20071 online resource (386 p.)Wiley corporate f&a ;560Description based upon print version of record.0-470-91288-X Includes bibliographical references and index.COSO ENTERPRISE RISK MANAGEMENT: Establishing Effective Governance, Risk, and Compliance Processes; Contents; Preface; Chapter 1: Introduction: Enterprise Risk Management Today; The COSO Internal Controls Framework: How Did We Get Here?; The COSO Internal Controls Framework; COSO Internal Controls: The Principal Recognized Internal Controls Standard; An Introduction to COSO ERM; Governance, Risk, and Compliance; Global Computer Products: Our Example Company; Chapter 2: Importance of Governance, Risk, and Compliance Principles; Road to Effective GRC Principles; Importance of GRC GovernanceRisk Management Component of GRCGRC and Enterprise Compliance; Importance of Effective GRC Practices and Principles; Chapter 3: Risk Management Fundamentals; Fundamentals: Risk Management Phases; Other Risk Assessment Techniques; Chapter 4: COSO ERM Framework; ERM Definitions and Objectives: A Portfolio View of Risk; COSO ERM Framework Model; Other Dimensions of the ERM Framework; Chapter 5: Implementing ERM in the Enterprise; Roles and Responsibilities of an Enterprise Risk Management Function; Risk Management Policies, Standards, and Strategies; Business, IT, and Risk Transfer ProcessesRisk Management Reviews and Corrective Action PracticesERM Communications Approaches; CRO and an Effective Enterprise Risk Management Function; Chapter 6: Importance of Strong Enterprise Governance Practices; History and Background of Enterprise Governance: A U.S. Perspective; Enterprise Integrity and Ethical Behavior; Disclosure and Transparency; Rights and Equitable Treatment of Shareholders and Key Stakeholders; Governance Role and Responsibilities of the Board; Governance as a Key Element of GRC; Chapter 7: Enterprise Compliance Issues Today; Compliance Issues TodayEstablish a Compliance Assessment TeamCompliance Risk Assessments and Compliance Program Reviews; Work Unit-Level Compliance Tracking and Review Processes; Compliance-Related Procedures and Staff Education Programs; Enterprise Hotline Compliance and Whistleblower Support; Assessing the Overall Enterprise Compliance Program; Chapter 8: Integrating ERM with COSO Internal Controls; COSO Internal Controls Background and Earlier Legislation; Efforts Leading to the Treadway Commission; COSO Internal Controls Framework; COSO Internal Controls and COSO ERM: ComparedChapter 9: Sarbanes-Oxley and Enterprise Risk Management ConcernsSarbanes-Oxley Act Background; SOx Legislation Overview; Enterprise Risk Management and SOx Section 404 Reviews; Internal Controls Reporting and Materiality; PCAOB Risk-Based Auditing Standards; Sarbanes-Oxley: The Other Sections; SOx and COSO ERM; Chapter 10: Corporate Culture and Risk Portfolio Management; Whistleblower and Hotline Functions; Risk Portfolio Management; Integrated Enterprise-Wide Risk Management; Chapter 11: OCEG Capability Model GRC Standards; GRC Capability Model ''Red Book''Other OCEG Materials: The ''Burgundy Book''"Using the COSO ERM (Committee of Sponsoring Organizations Enterprise Risk Management) framework's model, this book discusses the importance of understanding the various risks facing the many aspects of business operations. It will help professionals develop and follow an effective risk culture. In addition, it shows how compliance with well-recognized and mandated standards are important for every organization as well as shows how a corporation can demonstrate that it is following best practices and is in conformity with regulatory rules.New topics to be discussed include: (a) the PCAOB's (Public Company Accounting Oversight Board's) release of AS5, which calls for enterprises to perform "top down" risk analyses of their own internal controls, as a major step to SOx compliance; (b) ISACA's (Information Systems Audit and Control Association) recently revised CobiT (Control Objectives for Information related Technology) with a major emphasis on understanding risk when evaluating and assessing IT and enterprise internal controls. This book will discuss the importance of understanding risks when using CobiT; (c) the Institute of Internal Auditors (IIA) Standards recently released specify that internal auditors must assess risks when performing their internal audits; (d) ISO 3100, a standard on risk management, will be introduced; and (e) the AICPA's recently released Risk Assessment Standards for private companies"--Provided by publisher.Wiley Corporate F&ARisk managementRisk management.658.15/5BUS001000bisacshMoeller Robert R724549MiAaPQMiAaPQMiAaPQBOOK9910877414903321COSO enterprise risk management4198622UNINA