Read more
Informationen zum Autor ROBERT R. MOELLER, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of business risk management, information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. Formerly national director of computer auditing at Grant Thornton and internal audit director at Sears Roebuck, he is the author of six books published by Wiley. He is the former president of the Institute of Internal Auditors' Chicago chapter and the former chair of the AICPA's Computer Audit Subcommittee. Klappentext Gearing your organization up to develop and follow an effective risk culture, COSO Enterprise Risk Management, Second Edition presents COSO ERM as the optimal way of looking at all aspects of risk management in today's organization, equipping professionals to better understand the COSO ERM framework and make maximum use of this tool in evaluating the risks associated with all business decisions. Using the COSO ERM framework's model and terminology, this book reveals how compliance with well-recognized and mandated standards are important for every organization and how a corporation can demonstrate that it is following best practices and is in conformity with regulatory rules. The Second Edition thoroughly provides the latest guidance on relevant topics including: How COSO ERM is an important element in enterprise governance, risk, and compliance (GRC) processes The PCAOB's release of AS5, calling for enterprises to perform "top-down" risk analyses of their own internal controls ISACA's recently revised COBIT (Control Objectives for Information-related Technology) Recently released standards from the Institute of Internal Auditors (IIA) specifying that internal auditors must assess risks when performing their internal audits The AICPA's recently released Risk Assessment Standards for private companies ISO 3100, a new international standard on risk management The new Open Compliance and Ethics Group (OCEG) risk guidance Information technology and ERM including discussion of application systems risks, effective continuity planning, and risks to systems network access including worms and viruses Helping business professionals, from staff internal auditors to corporate board members, understand risk management in general and make more effective use of the new COSO ERM risk management framework, COSO Enterprise Risk Management, Second Edition shows you how to master the various aspects of enterprise risk management?and succeed. Zusammenfassung A fully updated, step-by-step guide for implementing COSO's Enterprise Risk Management COSO Enterprise Risk Management, Second Edition clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM framework. Inhaltsverzeichnis Preface xi Chapter 1: Introduction: Enterprise Risk Management Today 1 The COSO Internal Controls Framework: How Did We Get Here? 2 The COSO Internal Controls Framework 3 COSO Internal Controls: The Principal Recognized Internal Controls Standard 14 An Introduction to COSO ERM 14 Governance, Risk, and Compliance 15 Global Computer Products: Our Example Company 16 Chapter 2: Importance of Governance, Risk, and Compliance Principles 21 Road to Effective GRC Principles 22 Importance of GRC Governance 23 Risk Management Component of GRC 25 GRC and Enterprise Compliance 26 Importance of Effective GRC Practices and Principles 28 Chapter 3: Risk Management Fundamentals 31 Fundamentals: Risk Management Phases 32 Other Risk Asses...
