In the wake of high-profile corporate scandals and subsequent regulatory legislation, reporting internal controls has become a requirement. These requirements have led to organizations viewing risk management as an area of vital importance. Best practice organizations have for years looked to the Committee of Sponsoring Organizations of the Treadway's (COSO) Internal Control Integrated Framework as the standard to build a solid system of internal controls (Managing Risk, 2003). Formed in 1985, COSO is a voluntary and independent private sector organization that sponsored the National Commission of Financial Reporting. The National Commission was made up of various industry representatives who studied the underlying causes that lead to fraudulent financial reporting. The committee developed recommendations for public companies, independent auditors, regulators, and educational organizations, which are designed to improve "the quality of financial reporting through business ethics, effective internal controls, and corporate governance"(COSO, n.d., 1). Recognizing the need for organizations to evaluate risk management efforts, COSCO developed a framework for Enterprise Risk Management (ERM) that Morrison Management Specialists and other companies can use to establish strong internal controls.
Enterprise Risk Management
ERM is a controlled approach to help management identify and manage uncertainties and reach certain risk objectives. COSO's ERM framework concentrates on the development of a strategy that includes the importance of a risk and internal control "consciousness" throughout an organization. COSO's framework introduces eight key principles for ERM: "internal environment; objective setting; event identification; risk assessment; risk response; control ...