COSO enterprise risk management : establishing effective governance, risk, and compliance processes /

"Using the COSO ERM (Committee of Sponsoring Organizations Enterprise Risk Management) framework's model, this book discusses the importance of understanding the various risks facing the many aspects of business operations. It will help professionals develop and follow an effective risk culture. In addition, it shows how compliance with well-recognized and mandated standards are important for every organization as well as shows how a corporation can demonstrate that it is following best practices and is in conformity with regulatory rules.New topics to be discussed include: (a) the PCAOB's (Public Company Accounting Oversight Board's) release of AS5, which calls for enterprises to perform "top down" risk analyses of their own internal controls, as a major step to SOx compliance; (b) ISACA's (Information Systems Audit and Control Association) recently revised CobiT (Control Objectives for Information related Technology) with a major emphasis on understanding risk when evaluating and assessing IT and enterprise internal controls. This book will discuss the importance of understanding risks when using CobiT; (c) the Institute of Internal Auditors (IIA) Standards recently released specify that internal auditors must assess risks when performing their internal audits; (d) ISO 3100, a standard on risk management, will be introduced; and (e) the AICPA's recently released Risk Assessment Standards for private companies"--Provided by publisher