{"product_id":"coso-enterprise-risk-management-isbn-9780470912881","title":"COSO Enterprise Risk Management","description":"\u003cb\u003eA fully updated, step-by-step guide for implementing COSO's Enterprise Risk Management\u003c\/b\u003e  \u003cp\u003e\u003ci\u003eCOSO Enterprise Risk Management, Second Edition\u003c\/i\u003e clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM framework. The \u003ci\u003eSecond Edition\u003c\/i\u003e discusses the latest trends and pronouncements that have affected COSO ERM and explores new topics, including the PCAOB's release of AS5; ISACA's recently revised CobiT; and the recently released IIA Standards.\u003c\/p\u003e \u003cul\u003e \u003cli\u003eOffers you expert advice on how to carry out internal control responsibilities more efficiently\u003c\/li\u003e \u003cli\u003eUpdates you on the ins and outs of the COSO Report and its emergence as the new platform for understanding all aspects of risk in today's organization\u003c\/li\u003e \u003cli\u003eShows you how an effective risk management program, following COSO ERM, can help your organization to better comply with the Sarbanes-Oxley Act\u003c\/li\u003e \u003cli\u003eKnowledgeably explains how to implement an effective ERM program\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003ePreparing professionals to develop and follow an effective risk culture, \u003ci\u003eCOSO Enterprise Risk Management, Second Edition\u003c\/i\u003e is the fully revised, invaluable working resource that will show you how to identify risks, avoid pitfalls within your corporation, and keep it moving ahead of the competition.\u003c\/p\u003e \u003cp\u003ePreface xi\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1: Introduction: Enterprise Risk Management Today 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eThe COSO Internal Controls Framework: How Did We Get Here? 
2\u003c\/p\u003e \u003cp\u003eThe COSO Internal Controls Framework 3\u003c\/p\u003e \u003cp\u003eCOSO Internal Controls: The Principal Recognized Internal Controls Standard 14\u003c\/p\u003e \u003cp\u003eAn Introduction to COSO ERM 14\u003c\/p\u003e \u003cp\u003eGovernance, Risk, and Compliance 15\u003c\/p\u003e \u003cp\u003eGlobal Computer Products: Our Example Company 16\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2: Importance of Governance, Risk, and Compliance Principles 21\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eRoad to Effective GRC Principles 22\u003c\/p\u003e \u003cp\u003eImportance of GRC Governance 23\u003c\/p\u003e \u003cp\u003eRisk Management Component of GRC 25\u003c\/p\u003e \u003cp\u003eGRC and Enterprise Compliance 26\u003c\/p\u003e \u003cp\u003eImportance of Effective GRC Practices and Principles 28\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3: Risk Management Fundamentals 31\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFundamentals: Risk Management Phases 32\u003c\/p\u003e \u003cp\u003eOther Risk Assessment Techniques 45\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4: COSO ERM Framework 51\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eERM Definitions and Objectives: A Portfolio View of Risk 51\u003c\/p\u003e \u003cp\u003eCOSO ERM Framework Model 55\u003c\/p\u003e \u003cp\u003eOther Dimensions of the ERM Framework 86\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5: Implementing ERM in the Enterprise 89\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eRoles and Responsibilities of an Enterprise Risk Management Function 90\u003c\/p\u003e \u003cp\u003eRisk Management Policies, Standards, and Strategies 100\u003c\/p\u003e \u003cp\u003eBusiness, IT, and Risk Transfer Processes 105\u003c\/p\u003e \u003cp\u003eRisk Management Reviews and Corrective Action Practices 108\u003c\/p\u003e \u003cp\u003eERM Communications Approaches 112\u003c\/p\u003e \u003cp\u003eCRO and an Effective Enterprise Risk Management Function 113\u003c\/p\u003e 
\u003cp\u003e\u003cb\u003eChapter 6: Importance of Strong Enterprise Governance Practices 115\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHistory and Background of Enterprise Governance: A U.S. Perspective 116\u003c\/p\u003e \u003cp\u003eEnterprise Integrity and Ethical Behavior 119\u003c\/p\u003e \u003cp\u003eDisclosure and Transparency 125\u003c\/p\u003e \u003cp\u003eRights and Equitable Treatment of Shareholders and Key Stakeholders 126\u003c\/p\u003e \u003cp\u003eGovernance Role and Responsibilities of the Board 128\u003c\/p\u003e \u003cp\u003eGovernance as a Key Element of GRC 128\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7: Enterprise Compliance Issues Today 131\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCompliance Issues Today 132\u003c\/p\u003e \u003cp\u003eEstablish a Compliance Assessment Team 133\u003c\/p\u003e \u003cp\u003eCompliance Risk Assessments and Compliance Program Reviews 136\u003c\/p\u003e \u003cp\u003eWork Unit–Level Compliance Tracking and Review Processes 138\u003c\/p\u003e \u003cp\u003eCompliance-Related Procedures and Staff Education Programs 141\u003c\/p\u003e \u003cp\u003eEnterprise Hotline Compliance and Whistleblower Support 142\u003c\/p\u003e \u003cp\u003eAssessing the Overall Enterprise Compliance Program 144\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8: Integrating ERM with COSO Internal Controls 147\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCOSO Internal Controls Background and Earlier Legislation 147\u003c\/p\u003e \u003cp\u003eEfforts Leading to the Treadway Commission 151\u003c\/p\u003e \u003cp\u003eCOSO Internal Controls Framework 156\u003c\/p\u003e \u003cp\u003eCOSO Internal Controls and COSO ERM: Compared 174\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9: Sarbanes-Oxley and Enterprise Risk Management Concerns 177\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSarbanes-Oxley Act Background 177\u003c\/p\u003e \u003cp\u003eSOx Legislation Overview 179\u003c\/p\u003e \u003cp\u003eEnterprise Risk Management and SOx 
Section 404 Reviews 193\u003c\/p\u003e \u003cp\u003eInternal Controls Reporting and Materiality 198\u003c\/p\u003e \u003cp\u003ePCAOB Risk-Based Auditing Standards 199\u003c\/p\u003e \u003cp\u003eSarbanes-Oxley: The Other Sections 200\u003c\/p\u003e \u003cp\u003eSOx and COSO ERM 201\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10: Corporate Culture and Risk Portfolio Management 203\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWhistleblower and Hotline Functions 204\u003c\/p\u003e \u003cp\u003eRisk Portfolio Management 208\u003c\/p\u003e \u003cp\u003eIntegrated Enterprise-Wide Risk Management 211\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11: OCEG Capability Model GRC Standards 215\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eGRC Capability Model “Red Book” 215\u003c\/p\u003e \u003cp\u003eOther OCEG Materials: The “Burgundy Book” 223\u003c\/p\u003e \u003cp\u003eLevel and Scope of the OCEG Standards-Setting Authority 224\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12: Importance of GRC Principles in the Board Room 225\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBoard Decisions and Risk Management 226\u003c\/p\u003e \u003cp\u003eBoard Organization and Governance Rules 230\u003c\/p\u003e \u003cp\u003eCorporate Charters and the Board Committee Structure 231\u003c\/p\u003e \u003cp\u003eAudit Committees and Managing Risks 235\u003c\/p\u003e \u003cp\u003eEstablishing a Board-Level Risk Committee 238\u003c\/p\u003e \u003cp\u003eAudit and Risk Committee Coordination 244\u003c\/p\u003e \u003cp\u003eCOSO ERM and Corporate Governance 245\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 13: Role of Internal Audit in Enterprise Risk Management 247\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eInternal Audit Standards for Evaluating Risk 248\u003c\/p\u003e \u003cp\u003eCOSO ERM for More Effective Internal Audit Planning 251\u003c\/p\u003e \u003cp\u003eRisk-Based Internal Audit Findings and Recommendations 264\u003c\/p\u003e \u003cp\u003eCOSO ERM and Internal Audit 
265\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 14: Understanding Project Management Risks 267\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eProject Management Process 268\u003c\/p\u003e \u003cp\u003e\u003ci\u003ePMBOK\u003c\/i\u003e \u003ci\u003eGuide\u003c\/i\u003e: \u003ci\u003eA Guide to the Project Management Book of Knowledge \u003c\/i\u003e269\u003c\/p\u003e \u003cp\u003e\u003ci\u003ePMBOK\u003c\/i\u003e \u003ci\u003eGuide\u003c\/i\u003e’s Project Manager Risk Management Approach 272\u003c\/p\u003e \u003cp\u003eProject-Related Risks: What Can Go Wrong 282\u003c\/p\u003e \u003cp\u003eImplementing ERM for Project Managers 285\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 15: Information Technology and Enterprise Risk Management 291\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eIT and the COSO ERM Framework 292\u003c\/p\u003e \u003cp\u003eIT Application Systems Risks 294\u003c\/p\u003e \u003cp\u003eEffective IT Continuity Planning 302\u003c\/p\u003e \u003cp\u003eWorms, Viruses, and System Network Risks 307\u003c\/p\u003e \u003cp\u003eIT and Effective ERM Processes 309\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 16: Establishing an Effective GRC Culture throughout the Enterprise 311\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eFirst Steps to Establishing a GRC Culture: An Example 312\u003c\/p\u003e \u003cp\u003ePromoting the Concept of Enterprise Risk 314\u003c\/p\u003e \u003cp\u003eEstablishing Enterprise-Wide Governance Awareness 319\u003c\/p\u003e \u003cp\u003eEnterprise Codes of Conduct 323\u003c\/p\u003e \u003cp\u003eBuilding a GRC Culture: Risk, Governance, and Compliance Education Programs 326\u003c\/p\u003e \u003cp\u003eKeeping the GRC Culture Current 327\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 17: ISO 31000 and 38500 Risk Management Worldwide Standards 331\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eISO Standards-Setting Process 332\u003c\/p\u003e \u003cp\u003eUnderstanding ISO 31000 334\u003c\/p\u003e \u003cp\u003eISO 38500: The 
Corporate Governance of IT 337\u003c\/p\u003e \u003cp\u003eImplementing an ISO Standard 340\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 18: ERM and GRC Principles Going Forward 343\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eERM and GRC for the Internal Controls Professional 344\u003c\/p\u003e \u003cp\u003eCOSO’s Ongoing Support Role 347\u003c\/p\u003e \u003cp\u003eCOSO ERM and GRC Future Prospects 348\u003c\/p\u003e \u003cp\u003eAbout the Author 351\u003c\/p\u003e \u003cp\u003eIndex 353\u003c\/p\u003e  \u003cp\u003e\u003cb\u003eROBERT R. MOELLER, CPA, CISA, CISSP,\u003c\/b\u003e is an internal audit specialist and project manager with a strong understanding of business risk management, information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. Formerly national director of computer auditing at Grant Thornton and internal audit director at Sears Roebuck, he is the author of six books published by Wiley. He is the former president of the Institute of Internal Auditors' Chicago chapter and the former chair of the AICPA's Computer Audit Subcommittee.   \u003c\/p\u003e\u003cp\u003eGearing your organization up to develop and follow an effective risk culture, COSO \u003ci\u003eEnterprise Risk Management, Second Edition\u003c\/i\u003e presents COSO ERM as the optimal way of looking at all aspects of risk management in today's organization, equipping professionals to better understand the COSO ERM framework and make maximum use of this tool in evaluating the risks associated with all business decisions. 
\u003c\/p\u003e\u003cp\u003eUsing the COSO ERM framework's model and terminology, this book reveals how compliance with well-recognized and mandated standards is important for every organization and how a corporation can demonstrate that it is following best practices and is in conformity with regulatory rules. \u003c\/p\u003e\u003cp\u003eThe \u003ci\u003eSecond Edition\u003c\/i\u003e provides thorough, current guidance on relevant topics including: \u003c\/p\u003e\u003cul\u003e \u003cli\u003eHow COSO ERM is an important element in enterprise governance, risk, and compliance (GRC) processes\u003c\/li\u003e \u003cli\u003eThe PCAOB's release of AS5, calling for enterprises to perform \"top-down\" risk analyses of their own internal controls\u003c\/li\u003e \u003cli\u003eISACA's recently revised COBIT (Control Objectives for Information-related Technology)\u003c\/li\u003e \u003cli\u003eRecently released standards from the Institute of Internal Auditors (IIA) specifying that internal auditors must assess risks when performing their internal audits\u003c\/li\u003e \u003cli\u003eThe AICPA's recently released Risk Assessment Standards for private companies\u003c\/li\u003e \u003cli\u003eISO 31000, a new international standard on risk management\u003c\/li\u003e \u003cli\u003eThe new Open Compliance and Ethics Group (OCEG) risk guidance\u003c\/li\u003e \u003cli\u003eInformation technology and ERM, including discussion of application systems risks, effective continuity planning, and risks to systems network access including worms and viruses\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eHelping business professionals, from staff internal auditors to corporate board members, understand risk management in general and make more effective use of the new COSO ERM risk management framework, COSO \u003ci\u003eEnterprise Risk Management, Second Edition\u003c\/i\u003e shows you how to master the various aspects of enterprise risk management and 
succeed.\u003c\/p\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47988996407525,"sku":"NP9780470912881","price":79.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9780470912881.jpg?v=1761782364","url":"https:\/\/k12savings.com\/products\/coso-enterprise-risk-management-isbn-9780470912881","provider":"K12savings","version":"1.0","type":"link"}