Understanding the COSO 2017 Enterprise Risk Management Framework, Part 1: An Introduction

On a more serious note, the COSO ERM also underscores the relationship between risk and value. It elevates the discussion of strategy and risk, looking at the possibility that strategy and business objectives are not in strong alignment with the organizational mission, vision and values. It allows for deep insight into the implications of the various strategies that management is contemplating and the risks that stem from executing a chosen strategy.

If oversight of cyber risks were trivial, it wouldn’t be an issue anymore. But it is still an issue because cyber risks are a business concern, and making smart business decisions is a nontrivial matter.

In September 2017, the Committee of Sponsoring Organizations (COSO) of the Treadway Commission issued an updated enterprise risk management (ERM) framework, titled “Enterprise Risk Management — Integrating with Strategy and Performance,” to help business leaders understand and prioritize the risks their organizations face and measure how these risks impact business performance.

Continue reading at SecurityIntelligence.com