Enterprise Risk Management Feed


Enterprise Risk Management is a risk-based approach to managing an enterprise, integrating concepts of internal control, the Sarbanes–Oxley Act and strategic planning. The AICPA provides information, tools and resources on enterprise risk management for its members to add value to their company and their clients.










What We’ve Uncovered… About the Risk Assessment Standards

When performing peer reviews, reviewers document the areas in which firms struggle to comply with professional standards. The AICPA Peer Review Team compiles and periodically communicates these common areas of noncompliance so that other firms won’t make the same mistakes. This is just one of the many ways in which peer review benefits the profession.

Over the past few months, peer reviewers have reported that firms failed to properly assess risk and properly document IT risk assessments. Some of the most common areas of noncompliance with the risk assessment standards are listed below, along with some advice to help your firm prevent the same mistakes.


Innovation through Sustainability: It’s as Simple as Soda Pop

Call it what you will: pop, soda, Coke, Pepsi, Cheerwine, bubbly juice… countless Americans have an insatiable thirst for carbonated drinks, but we all know the costs of consuming a lot of soda over time can add up and it’s often bad for us. Plus, the discarded cans and bottles take a heavy toll on the environment, piling up in landfills across the world.

Enter SodaStream, an appliance you can use to make carbonated drinks straight from the faucet. SodaStream International Ltd., the product’s manufacturer, has a completely sustainable business model featuring reusable bottles that can last one year or more, rechargeable CO2 canisters and any number of flavored syrups to liven up your drink. The result: landfills are spared more than 1,000 plastic bottles per consumer every year, customers reuse system components, and this savvy company gains major profits and a well-earned reputation for being innovative and environmentally conscious. Over the past few years the company has also achieved remarkable growth, increasing revenue by 51% and net income by nearly 60% from 2011 to 2012. What CFO wouldn’t be impressed with that?


Technology Risks and Rewards: A Balancing Act

The AICPA has long recognized the impact that technology has on the accounting profession. In fact, for over two decades, we’ve been reaching out to members and key stakeholders to better understand how it can be effectively harnessed through our Top Technology Initiatives Survey.

Back in the early 1990s when the survey debuted, the technologies we take for granted today would have been impossible to fathom. In an era when only early adopters had digital answering machines, the idea of a personal computer that could obtain almost any piece of information in the world was beyond most people’s comprehension. Now, we carry these devices around in our pockets, take pictures with them and call them phones.


The Watchful CPA: Risks of Theft and Fraud

Audit claims alleging failure to detect theft and fraud are not new. However, their frequency and severity are increasing dramatically. Between 2008 and 2010, the percentage of audit claims alleging failure to detect fraud and theft more than doubled, from 30 percent to nearly two-thirds of all audit claims. Equally alarming, many claims arising from tax, bookkeeping, compilation and review engagements now include similar allegations. By 2010, among all claims alleging failure to detect theft and fraud, 24 percent emanated from tax services, 17 percent from compilation and review services, 11 percent from accounting and other services, and 4 percent from investment advisory services. The remaining claims involved audits.


Internal Control - Integrated Framework - 20 Years Later

Almost 20 years ago, the Committee of Sponsoring Organizations of the Treadway Commission (COSO), of which the AICPA is a member, produced the landmark Internal Control – Integrated Framework. With this published framework, COSO, an organization providing thought leadership and guidance on internal control, enterprise risk management and fraud deterrence, established a common internal control model against which companies and organizations may develop and assess their control systems. It became the world’s most widely used internal control framework.

But a lot has happened since 1992, such as the Internet! With advances in technology and business operations, the time was right for the framework to be updated so it could remain relevant and useful. In November 2010, COSO announced such a project. An online survey in January 2011 gleaned input from a broad audience. Last month COSO released the proposed updated Internal Control – Integrated Framework Exposure Draft to obtain input from the users of the framework and the general public. As a member of COSO, the AICPA has a representative on the COSO Board and a representative on the project’s Advisory Council.


What’s a Significant Business Risk? Not Discussing Risk


No matter where you turn lately, the headlines have been focused on the situation surrounding News Corporation’s News of the World. The tabloid closed its doors recently in the wake of a massive voice mail hacking scandal. What’s interesting to me about this story is that a 168-year-old business fell because staff (and whoever else was in the know) was willing to subordinate their judgment and professional ethics in the interest of gaining a competitive edge to meet organizational goals.

It’s an extraordinary case, but for me it poses some important questions: to what lengths is my staff willing to go to move the business forward? What message do our board and management team communicate about our ethical commitment and the risks we are willing—and not willing—to take? What are we doing to make sure we don’t end up in a situation like that of the News of the World?


