Identifying and responding to risk is a challenging job, since new threats are constantly emerging and old ones can change or unexpectedly reappear. When the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its comprehensive Enterprise Risk Management: Integrated Framework in 2004, it provided a valuable tool for dealing with organizational threats. In the ensuing years, organizational approaches to risk have advanced and matured, and the nature of risk has steadily evolved.
In response, COSO has released an updated framework to better address the current environment. The new document, Enterprise Risk Management: Integrating with Strategy and Performance, is focused on ensuring that enterprise risk management (ERM) is not simply an agenda item, but something that’s embedded in an organization’s strategic decision making. The new framework is intended to drive changes in setting and implementing organizational strategy in several ways.