Enterprise risk management and COSO : a guide for directors, executives, and practitioners

Praise for Enterprise Risk Management and COSO: A Guide for Directors, Executives, and Practitioners "Enterprise Risk Management and COSO is a comprehensive reference book that presents core management of risk tools in a helpful and organized way. If you are an internal auditor who is interested in risk management, exploring this book is one of the best ways to gain an understanding of enterprise risk management issues." -Naly de Carvalho, FSA Times "This book represents a unique guide on how to manage many of the critical components that constitute an organization's corporate defense program." -Sean Lyons, Corporate Defense Management (CDM) professional "This book provides a comprehensive analysis of enterprise risk management and is invaluable to anyone working in the risk management arena. It provides excellent information regarding the COSO framework, control components, control environment, and quantitative risk assessment methodologies. It is a great piece of work." -J. Richard Claywell, CPA, ABV, CVA, CM&AA, CFFA, CFD "As digital information continues its exponential growth and more systems become interconnected, the demand and need for proper risk management will continue to increase. I found the book to be very informative, eye-opening, and very pragmatic with an approach to risk management that will not only add value to all boards who are maturing and growing this capability, but also will provide them with competitive advantage in this important area of focus." -David Olivencia, President, Hispanic IT Executive Council Optimally manage your company's risks, even in the worst of economic conditions. There has never been a stronger need for sound risk management than now. Today's organizations are expected to manage a variety of risks that were unthinkable a decade ago. Insightful and compelling, Enterprise Risk Management and COSO reveals how to: Successfully incorporate enterprise risk management into your organization's culture Foster an environment that rewards open discussion of risks rather than concealment of them Quantitatively model risks and effectiveness of internal controls Best discern where risk management resources should be dedicated to minimize occurrence of risk-based events Test predictive models through empirical data

About the Contributors. Acknowledgments. Preface. SECTION I ORGANIZATIONAL RISK MANAGEMENT. Chapter 1 An Introduction to Risk. Chapter 2 Key Tenets of Enterprise Risk Management. Chapter 3 Mitigating Operational Risks Through Strategic Thinking. Chapter 4 Mitigating Risk in Internal Investigations and Insurance Coverage. SECTION II QUANTITATIVE RISK MANAGEMENT. Chapter 5 Recognized Control Frameworks: COSO-IC and COSO-ERM. Chapter 6 Other Control Frameworks. Chapter 7 Qualitative Control Concepts. Chapter 8 Quantitative Control Relationships. Chapter 9 Excel Applications. Chapter 10 Interdependent Systems. Chapter 11 Documentation. Chapter 12 The Process for Assessing Internal Control. Chapter 13 Monitoring Internal Controls. Chapter 14 Accounting Policies and Procedures. Chapter 15 Business Process Applications. Chapter 16 General and Infrastructure Systems. Chapter 17 Trusted System Providers. Chapter 18 Reporting on Internal Control. Chapter 19 Review and Acceptance of Assessments. Glossary. Appendix: Internal Control Sections of the Sarbanes-Oxley Act. Index.