Understanding the COSO 2017 Enterprise Risk Management Framework, Part 2: Combining Apples With Oranges

There has never been a better time to understand the linkage between cyber risks, business strategy and performance, and to ensure that at all levels of the organizations are making the best decisions possible — for both today’s world and tomorrow’s cyber earthquakes.

This past September, the Committee of Sponsoring Organizations (COSO) of the Treadway Commission issued an updated enterprise risk management (ERM) framework, titled “Enterprise Risk Management — Integrating with Strategy and Performance,” to help business leaders understand the risks their organizations face and evaluate their impact on business performance.

While the COSO ERM guidance is designed to simplify risk management at an enterprise level, organizations can derive even more value from the framework by coupling it with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), which is geared more toward day-to-day, ground-level risk management. Continue reading at SecurityIntelligence.com