COSO Enterprise Risk Management: Understanding the New Integrated ERM Framework - Hardcover

About the Author

Robert R. Moeller, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of information systems, corporate governance, and security. He has over twenty–five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. He held positions with Grant Thornton (national director of computer auditing) and Sears Roebuck (audit director). A frequently published author and professional speaker, he provides insights into many of the new rules impacting internal auditors today as well as the challenges audit committees face when dealing with Sarbanes–Oxley, internal controls, and their internal auditors.

From the Back Cover

Praise for
COSO Enterprise Risk Management

"COSO ERM is a thoughtful introduction to the challenges of risk management at the enterprise level and contains a wealth of information on dealing with it through the use of the COSO framework. Detailed procedures covering a wide variety of situations are followed by a thorough explanation of how each is deployed. As a project management professional, I appreciate how the author addresses the need for risk management at a project level. His background as someone who ′practices what they preach′ and realizes the impact of the Sarbanes–Oxley auditing rules comes through clearly in the book, and it should be mandatory reading for anyone seeking to understand how to tackle their own ERM issues."
Greg Gomel, PMP, CQM, CSQE, ITIL, Director, Project Management, Insight North America

"This volume clearly and comprehensively outlines the usefulness of COSO Enterprise Risk Management guidance. It should provide considerable benefit to those having governance responsibilities in this important area."
Curtis Verschoor, L & Q Research Professor, School of Accountancy and MISDePaul University, Chicago

Transform your company′s internal control function into a valuable strategic tool

Today′s companies are expected to manage a variety of risks that would have been unthinkable a decade ago. More than ever, it is vital to understand the dimensions of risk as well as how to best manage it to gain a competitive advantage.

COSO Enterprise Risk Management clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM framework.

A pragmatic guide for integrating ERM with COSO internal controls, this important book:

• Offers you expert advice on how to carry out internal control responsibilities more efficiently

• Updates you on the ins and outs of the COSO Report and its emergence as the new platform for understanding all aspects of risk in today′s organization

• Shows you how an effective risk management program, following COSO ERM, can help your organization to better comply with the Sarbanes–Oxley Act

• Knowledgeably explains how to implement an effective ERM program

COSO Enterprise Risk Management is the invaluable working resource that will show you how to identify risks, avoid pitfalls within your corporation, and keep it moving ahead of the competition.

From the Inside Flap

COSO Enterprise Risk Management

Understanding the New Integrated ERM Framework

When COSO ERM was first released, some professionals inadvertently viewed this new risk–based framework as simply an update of the COSO Internal Controls framework of ten years before.?Filled with valuable advice and guidance from an industry insider, COSO Enterprise Risk Management hails COSO ERM as the new way of looking at all aspects of risk in today′s organization, equipping professionals to better understand the COSO ERM framework and make maximum use of this tool in evaluating the risks associated with all business decisions.

Using the COSO ERM framework′s model and terminology, this timely book discusses the importance of understanding the various risks facing many aspects of business operations and helps professionals develop and follow an effective risk culture for many business and operating decisions. To this end, a hypothetical company, "Global Computer Products, Inc.," illustrates the practical application of COSO ERM within realistic corporate circumstances.

COSO Enterprise Risk Management thoroughly provides clear–cut guidance on relevant topics including:

• The importance of enterprise risk management today

• Key concepts and terminology used in risk assessments

• ERM as an overall structure, integrating the strategic, operational, reporting, and compliance objectives

• The ways in which the COSO ERM framework approach can help an organization to better manage risks and to achieve key objectives

• Information technology and ERM including discussion of application systems risks, effective continuity planning, and worms, viruses, and systems network access risks

Compliance with well–recognized and mandated standards are important for every organization and allows a corporation to demonstrate that they are following best practices and are in conformity with regulatory rules. COSO Enterprise Risk Management uniquely helps business professionals at all levels from staff internal auditors to corporate board members to understand risk management in general and make more effective use of the new COSO ERM risk management framework.