Understand the COSO ERM Framework
	Understand and practice the most current risk management techniques
	Be able to apply current risk management techniques to your organization
	Be prepared to play a leading role in your organization’s management of business risk

	Risk Management Basics Origins and drivers  What control frameworks (COSO/CoCo) say about risk The risk management process – basic The new understanding of risk Why COSO developed this new framework; how it differs from the original
	ERM: Two Real-World Examples The Right Way to Implement ERM Robust ERM at Countrywide Financial The minimalist approach at a Fortune 500 manufacturing firm
	ERM: Current Status, Benefits, Benchmarking Results of 2004 global CEO survey Benchmark your organization against survey results ― what do you need to get to the next level?
	Internal Environment Risk management factors & issues to consider Techniques to foster the desired environment A Tool to monitor the internal environment: Ameritech’s entity-wide Self-Assessment Survey Entity-wide surveys: keys to success, caveats, things to consider Exercise: develop survey statements for internal environment
	Objective Setting Strategic, operational, financial, compliance objectives SMART Objectives Exercise: set objectives for GROT or your own organization Risk appetite and risk tolerance
	Event Identification Events: risks and opportunities Techniques for identifying events Event categories: examples Exercise: develop event categories Exercise: identify events for your objectives
	Risk Assessment Inherent and residual risk Qualitative and quantitative risk assessment techniques Exercise: select techniques for risks you identified Risk maps Aggregating risks ― portfolio view
	ERM: Real-World Example Simple, practical, bottoms-up approach at Texas State Comptroller

 

	Risk Response & Control Activities   Risk response: avoid, reduce, share, accept Exercises: risk response Control Activities: Some useful concepts Control activities are changing COSO, CoCo and soft controls “Working inventory” of soft controls
	Information and Communication; Monitoring Enterprise risk & assurance software Monitoring risk management techniques: guidelines and tips Exercise: Monitoring Separate evaluations: Canada Post example Continuous monitoring: Fannie Mae example
	ERM: Real-World Example The Evolution of ERM at Aquila
	ERM Issues ERM architecture Sample risk management policy Risk management culture, other considerations Implementation guidelines and tips A diagnostic tool for mature risk management Internal audit’s role in ERM Link for further information

[ COSO-Based IA ] [ Sarbanes-Oxley ] [ Best Practices ] [ ERM ] [ Soft Controls ] [ Operational ] [ New Auditor ] [ Leadership ] [ Relationship ] [ Report ]