ERM Frameworks and Best Practices

Jun 26, 2018

The Relationship between Internal Controls, ERM, and the Business Model

COSO's Improving Organizational Performance and Governance discusses how COSO's Internal Control Integrated Framework and COSO's ERM Integrated Framework relate to the standard business model. The frameworks can contribute to an organization's long-term success. The key takeaway is that good risk management and internal control are necessary for the long-term success of all organizations. Improving organizational performance and governance will support this goal.

Jun 26, 2018

The Age of Cloud Computing

Cloud computing delivers benefits like cost savings and scalability but also introduces new risks. Using COSO’s ERM framework, companies can identify and mitigate risks such as lack of transparency, security concerns, and vendor lock-in.

Jun 26, 2018

COSO’s Take on the Three Lines of Defense

As risks begin to threaten the achievement of company objectives, senior management must determine the appropriate way to respond. Responsibilities and duties must be clearly identified so individuals are aware of their roles in addressing these risks and controls. COSO developed the three lines of defense model that addresses how specific duties related to risks and controls could be assigned and coordinated within the organization to alleviate the threat. Ultimately, the model is designed to ensure individuals within each line of defense are aware of their full responsibilities and how these responsibilities fit into the organization's overall risk and control structure.

Jun 26, 2018

COSO Releases Examples of Framework Applications

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has released an important supplement to its 2017 Enterprise Risk Management – Integrating with Strategy and Performance. This compendium to the 2017 framework includes detailed examples for applying principles from the updated ERM Framework to day-to-day practices. The compendium of examples recognizes the connection between ERM and strategic setting and organizational performance and includes examples across a wide range of industries. Each illustration in the compendium was developed from industry practices identified through extensive research, including interviews and case studies.

Jun 21, 2018

Conducting Scenario Planning Workshops

Learn from IBM’s Claudio Martinez de la Vega about scenario planning workshops, with step-by-step guidance on pre-planning, facilitation, and capturing insights to strengthen ERM processes.

Apr 24, 2018

Strategies for Designing a Lasting ERM Process: A Case Study

Discover strategies for sustaining an effective ERM process over time. NC State’s thought paper highlights six real-life case studies offering key insights for boards and senior executives.

Mar 20, 2018

2018 The State of Risk Oversight: An Overview of Enterprise Risk Management Practices

2018 The State of Risk Oversight: An Overview of Enterprise Risk Management Practices (9th Edition)

Nov 27, 2017

Where are You on the Risk Management Journey?

Discover how LEADERS are applying structured risk management to enhance regulatory compliance, shareholder confidence, and strategic risk assessment. Learn about effective risk management processes and organizational levels involved in ERM.

Sep 11, 2017

COSO Revises Its ERM Framework

COSO's 2017 Updated ERM Framework Guidance

Jul 25, 2017

Today’s Risk Management Challenges: It’s a Small World After All

In late June, I spoke at a conference in Italy focused on risk management and organizational change. Those in attendance included both business professionals and academics interested in understanding…