Skip to main content
Poole College of Management
Enterprise Risk Management Initiative

Risk Identification and Assessment

May 3, 2010

COSO Fraud Study 2010

The Committee of Sponsoring Organizations of the Treadway Commission (commonly known as COSO) has released the study, Fraudulent Financial Reporting: 1998-2007, An Analysis of U.S. Public Companies, that examines financial statement fraud allegations investigated by the U.S. Securities and Exchange Commission over a ten-year period. The study provides an in-depth analysis of the nature, extent, and characteristics of accounting frauds and provides helpful insights regarding new and ongoing issues that need to be addressed. The study examines nearly 350 alleged accounting fraud cases investigated by the SEC during the period, 1998-2007. Mark Beasley, Deloitte Professor of Enterprise Risk Management at NC State is one of the study's co-authors.

Jun 1, 2009

Internal Audit’s Role in Managing Reputation Risk

Reputational risks and corporate missteps are having more significant impacts on bottom lines and stakeholder perceptions of companies than ever before. Therefore, companies are recognizing the importance of reputational risk and placing a greater emphasis on reputational risk management. Internal audit departments can play a significant role in helping companies manage reputational risks through their advisory and monitoring efforts.

May 1, 2009

Seven Question Guide to Assessing Your Enterprise Risk Management Practices

Risk professionals should consider seven questions in evaluating risk management tools, improving risk management practices, and assessing the state of ERM in an organization. Professionals should ask these seven questions: (1) if the risk management process really assesses risk; (2) if the risk assessment is context-driven; (3) if the risk management process address root causes of failure; (4) what business performance says about risk; (5) what the organization's risks say about its controls; (6) what the organization's controls say about its risks; and (7) if the professionals and their organizations are up for the task of risk management.

Apr 15, 2009

Importance of Risk Management Mindset

Many companies that were unprepared for the current economic situation have become hesitant to make decisions regarding the future. For companies to regain confidence in making these decisions there needs to be a realization that risk management models are only as good as the decisions that are made based on the models. As a result, the risk management mindset is just as important as the model. Companies can focus on their risk management mindset by re-defining risk to include a more integrated view of risk and constructing a new "risk architecture" that incorporates information external to the company and looks at interdependencies to help make better decisions and more successfully manage their risks.

Mar 1, 2009

Ten Practical Lessons for Risk Management

Recent events have uncovered significant deficiencies in the way risks are managed at financial institutions and many other companies. Research into these deficiencies shows ten practical lessons companies can apply to address current weaknesses and strengthen risk management systems. By wielding appropriate authority, gaining support from senior management, and thoroughly examining the models and incentive systems used, risk managers can greatly improve companies' risk management systems.

Feb 1, 2009

Internal Auditors Partnership with Management

Internal auditors in the past have been used to examine how well management is performing and how well the company is operating. Now there is a need for internal auditors to work in conjunction with management to oversee risks. CHAN Healthcare Auditors realized this change in internal audit and has developed an audit process and tool that allows for a more effective approach to risk management. Even though the approach is mainly geared towards the healthcare industry, it can be used in numerous industries to determine companywide and departmental vulnerabilities.

Jan 1, 2009

Limitations of Traditional Risk Models in Forecasting Risk

The current economic crisis has upset many common assumptions about the global financial system and shaken investor confidence. While there are unique aspects to this crisis, it is important to understand that severe economic crises in general are not rare events. Traditional methods of modeling risk often fail to reflect the frequency of declines and when these declines will occur. It is important for investors to rely on more than the output from traditional risk models in assessing the potential risk associated with investments.

Oct 22, 2008

Role of Risk Managers and Continuity Planning

Risk management executives have come to the realization that a cohesive corporate risk management strategy is needed in their companies. They are becoming more involved with business continuity planning and helping with preparedness, mitigation, and recovery for operations.

Sep 1, 2008

Managing Risks for Comparative Advantage: Five Steps to Better Risk Management

This articles highlights a five-step process to help companies make changes to better their approach to risk management in response to the developments occurring in the corporate approach to risk management: 1. Identify and understand your major risks; 2. Decide which risks are natural; 3. Determine your capacity and appetite for risk; 4. Embed risk in all decisions and processes; and 5. Align governance and organization around risk.

Mar 11, 2005

ERM and Business Continuity

There is a huge debate over the roles and positioning of risk management and business continuity management within organizations. Some argue one function should be subordinate to the other. The key, however, is that the organization must determine the functional scopes of each function and communicate the appropriate relationship of the two tasks. Each organization needs to decide the appropriate mixture of these two functions.