COSO Enterprise Risk Management - (Wiley Corporate F&a) 2nd Edition by Robert R Moeller (Hardcover)

About the Book

"Using the COSO ERM (Committee of Sponsoring Organizations Enterprise Risk Management) framework's model, this book discusses the importance of understanding the various risks facing the many aspects of business operations. It will help professionals develop and follow an effective risk culture. In addition, it shows how compliance with well-recognized and mandated standards are important for every organization as well as shows how a corporation can demonstrate that it is following best practices and is in conformity with regulatory rules.New topics to be discussed include: (a) the PCAOB's (Public Company Accounting Oversight Board's) release of AS5, which calls for enterprises to perform "top down" risk analyses of their own internal controls, as a major step to SOx compliance; (b) ISACA's (Information Systems Audit and Control Association) recently revised CobiT (Control Objectives for Information related Technology) with a major emphasis on understanding risk when evaluating and assessing IT and enterprise internal controls. This book will discuss the importance of understanding risks when using CobiT; (c) the Institute of Internal Auditors (IIA) Standards recently released specify that internal auditors must assess risks when performing their internal audits; (d) ISO 3100, a standard on risk management, will be introduced; and (e) the AICPA's recently released Risk Assessment Standards for private companies"--Provided by publisher.

Book Synopsis

A fully updated, step-by-step guide for implementing COSO's Enterprise Risk Management

COSO Enterprise Risk Management, Second Edition clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM framework. The Second Edition discusses the latest trends and pronouncements that have affected COSO ERM and explores new topics, including the PCAOB's release of AS5; ISACA's recently revised CobiT; and the recently released IIA Standards.

• Offers you expert advice on how to carry out internal control responsibilities more efficiently
• Updates you on the ins and outs of the COSO Report and its emergence as the new platform for understanding all aspects of risk in today's organization
• Shows you how an effective risk management program, following COSO ERM, can help your organization to better comply with the Sarbanes-Oxley Act
• Knowledgeably explains how to implement an effective ERM program

Preparing professionals develop and follow an effective risk culture, COSO Enterprise Risk Management, Second Edition is the fully revised, invaluable working resource that will show you how to identify risks, avoid pitfalls within your corporation, and keep it moving ahead of the competition.

From the Back Cover

Gearing your organization up to develop and follow an effective risk culture, COSO Enterprise Risk Management, Second Edition presents COSO ERM as the optimal way of looking at all aspects of risk management in today's organization, equipping professionals to better understand the COSO ERM framework and make maximum use of this tool in evaluating the risks associated with all business decisions.

Using the COSO ERM framework's model and terminology, this book reveals how compliance with well-recognized and mandated standards are important for every organization and how a corporation can demonstrate that it is following best practices and is in conformity with regulatory rules.

The Second Edition thoroughly provides the latest guidance on relevant topics including:

• How COSO ERM is an important element in enterprise governance, risk, and compliance (GRC) processes
• The PCAOB's release of AS5, calling for enterprises to perform "top-down" risk analyses of their own internal controls
• ISACA's recently revised COBIT (Control Objectives for Information-related Technology)
• Recently released standards from the Institute of Internal Auditors (IIA) specifying that internal auditors must assess risks when performing their internal audits
• The AICPA's recently released Risk Assessment Standards for private companies
• ISO 3100, a new international standard on risk management
• The new Open Compliance and Ethics Group (OCEG) risk guidance
• Information technology and ERM including discussion of application systems risks, effective continuity planning, and risks to systems network access including worms and viruses

Helping business professionals, from staff internal auditors to corporate board members, understand risk management in general and make more effective use of the new COSO ERM risk management framework, COSO Enterprise Risk Management, Second Edition shows you how to master the various aspects of enterprise risk management--and succeed.

About the Author

ROBERT R. MOELLER, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of business risk management, information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. Formerly national director of computer auditing at Grant Thornton and internal audit director at Sears Roebuck, he is the author of six books published by Wiley. He is the former president of the Institute of Internal Auditors' Chicago chapter and the former chair of the AICPA's Computer Audit Subcommittee.