Give your two cents on the updated COSO ERM framework

coso erm framework update
July 14, 2016

The recently released updated COSO Enterprise Risk Management (ERM) framework is available for public comment through Sept 30, 2016. Provide feedback here.

With risk strategy and management vastly expanding and increasing in complexity, this updated framework is designed to apply to all businesses more extensively to meet changing demands.

Updates from the 2004 framework include:

  • Increasing focus on in-depth board awareness and oversight
  • Linking strategy and performance
  • Evolution of practices
  • Current and changing approaches

COSO partnered with PwC, author of the original framework, and created an advisory council, composed of industry leaders and nonprofit organizations, to determine what updates and changes were necessary to include.

For early adopters of the COSO ERM framework, this comment period is an opportunity to contribute ideas and concerns, and help ensure the new framework addresses your needs and provides solutions accordingly. If you are not currently using this framework, this is a prime time to see how it would be a good fit for your organization.

Improving your ERM strategy comes in two components: The framework and the technology used to implement it. As with any effective framework, in order to be effectively supportive, a technology solution needs to be flexible enough to adapt to the evolving nature of risk.

Wdesk provides a unique reporting environment that easily connects all three lines of defense in a way the encourages a healthy risk culture and provides timely visibility into critical risk information. The cloud-based platform is flexible enough to help risk managers effectively execute any ERM function, including the COSO ERM framework. To learn more, watch this short video.

Joe Boeser

About the author

Joe Boeser brings over 10 years experience in risk management, compliance, and ERM to his role as Senior Product Marketing Manager at Workiva. Joe's extensive experience includes developing and implementing risk management and ERM programs as well as directly managing risk and control operations. This includes managing the ERM program at a large banking institution and overseeing SOX and internal audit programs. Joe holds an MBA and Juris Doctor.