High-level guidance for implementing enterprise risk management
in any organization

A Practical Guide to Risk Management shows organizations how to
implement an effective ERM solution, starting with senior
management and risk and compliance professionals working together
to categorize and assess risks throughout the enterprise. Detailed
guidance is provided on the key risk categories, including
financial, operational, reputational, and strategic areas, along
with practical tips on how to handle risks that overlap across
categories.

* Provides high-level guidance on how to implement enterprise
risk management across any organization

* Includes discussion of the latest trends and best
practices

* Features the role of IT in ERM and the tools that are available
in both assessment and on-going compliance

* Discusses the key challenges that need to be overcome for a
successful ERM initiative

Walking readers through the creation of ERM architecture and
setting up on-going monitoring and assessement processes, this is
an essential book for every CFO, controller and IT manager.

ANNE M. MARCHETTI has twenty-five years of finance and accounting experience in both private industry and public accounting. She is a Sarbanes-Oxley subject matter expert focused on the design, implementation, analysis, and optimization of internal control systems and corporate governance programs. Ms. Marchetti has worked globally with both public and private entities in most industries as well as organizations of all sizes. She regularly interacts with Big Four, middle market, and local external audit firms as a liaison on behalf of these organizations. She is a member of the AICPA faculty and is the author of Beyond Sarbanes-Oxley Compliance: Effective Enterprise Risk Management and Sarbanes-Oxley Ongoing Compliance Guide, both published by Wiley.

Klappentext

Although Enterprise Risk Management (ERM) is a top concern for organizations of all types across the globe, the process of implementing ERM often overwhelms business leaders, who fear they don't have the time, money, experience, or resources to develop and sustain what they perceive to be a daunting project. Written to demystify the entire ERM process, Enterprise Risk Management Best Practices shows you how to easily and painlessly implement and maintain a practical, cost-effective ERM plan in any organization, regardless of its size, finances, or resources.

Author Anne Marchetti—a Sarbanes-Oxley expert and thought leader on the subject—provides step-by-step guidance complemented by simplified explanations of related concepts in a handy, reader-friendly guide. Enterprise Risk Management Best Practices begins by explaining how ERM initiative must begin from the top, with senior management and risk and compliance professionals working together to categorize and assess risks throughout the enterprise. Marchetti then provides detailed coverage on the key risk categories of concern—financial, operational, reputational, and strategic—along with practical tips on how to handle risks that overlap across categories. Enterprise Risk Management Best Practices proceeds to walk you through the entire process of crafting ERM architectures and setting up ongoing monitoring and assessment processes.

A must-read for CFOs, controllers, finance executives, auditors, IT managers, and consultants who want to curtail surprises and losses as well as capitalize on business opportunities, Enterprise Risk Management Best Practices delves deeply into:

• The value and benefits of ERM
• Corporate governance: roles and responsibilities
• The role of IT in ERM
• The ERM process, step by step
• COSO framework
• Financial reporting competencies
• Whistleblower programs
• Financial reporting objectives and risk
• Moving beyond and reevaluating initial compliance
• Available tools in assessment and ongoing compliance
• Key challenges you may face along the way
• Best practices for a successful ERM initiative
• International financial reporting standards
• Key elements of an effective IFRS implementation
• Cost minimization and control optimization insights and strategies

Even a minimal investment in risk assessment and risk management can improve efficiency and reduce losses in your organization. Let Enterprise Risk Management Best Practices guide you through a successful ERM program tailored to suit your company's unique needs.

Zusammenfassung
High-level guidance for implementing enterprise risk management in any organization

A Practical Guide to Risk Management shows organizations how to implement an effective ERM solution, starting with senior management and risk and compliance professionals working together to categorize and assess risks throughout the enterprise. Detailed guidance is provided on the key risk categories, including financial, operational, reputational, and strategic areas, along with practical tips on how to handle risks that overlap across categories.

• Provides high-level guidance on how to implement enterprise risk management across any organization
• Includes discussion of the latest trends and best practices
• Features the role of IT in ERM and the tools that are available in both assessment and on-going compliance
• Discusses the key challenges that need to be overcome for a successful ERM initiative

Walking readers through the creation of ERM architecture and setting up on-going monitoring and assessement processes, this is an essential book for every CFO, controller and IT manager.

Preface xi

Chapter 1: Overview of Enterprise Risk Management 1

ERM Introduction 1

Guidance: History and Relationship 3

Organization View 5

ERM Today 7

Increased Pressure to Manage Risk 9

Additional evidence 10

Perceived Barriers to Risk Management 11

Building the Business Case for ERM: Value and Benefi ts 11

Keys to Success 13

Summary 15

Notes 16

Chapter 2: Corporate Governance and Roles and Responsibilities 17

Board Behavior 18

Corporate Culture 19

Roles and Responsibilities 20

Summary 23

Chapter 3: ERM Defined 25

Definitions and Concepts 28

Risk Categories 30

Internal Environment 31

Summary 34

note 34

Chapter 4: The ERM Process Step by Step 35

Step 1 Strategy and Objective Definition 36

Step 2 Event Identification 38

Step 3 Risk Assessment 40

Step 4 Risk Response 41

Step 5 Communication 45

Step 6 Monitoring 46

Oversight 47

Summary 47

Notes 48

Chapter 5: COSO Framework and Financial Controls 49

Focus on Financial Controls 49

Control Environment 52

Integrity and Ethical Values 53

Board of Directors 55

Management's Philosophy and Operating Style 57

Organizational Structure 57

Financial Reporting Competencies 58

Authority and Responsibility 59

Human Resources 60

Summary 61

Notes 62

Appendix 5A: Excerpt from a Code of Ethics Policy 63

Our Guiding Principles and Values 64

Conflicts of Interest 64

Confidential Information; Intellectual Property 65

Appendix 5B: Whistleblower Program 67

Reports Regarding Accounting Matters 67

Investigation of Suspected Violations 68

Discipline for Violations 68

Appendix 5C: Approval Policy and Procedures 69

Policy 69

Purpose 69

Scope 69

Approva…