Explore the positive side of risk
In many organisations, risk is an important, but largely supportive, function focused on well-defined risks, such as financial, operational, and cyber risk, yet rarely integrated with the core business. This can result in a risk mitigation culture that’s seen as separate from the core business needs for growth and innovation.
But risk management done right is tightly embedded in management’s core business processes, where identifying and managing strategic risks are an integral part of strategy setting and execution. This level of integration can help your organisation more effectively achieve intended business objectives and get better value from its Enterprise Risk Management (ERM) program.
Deloitte’s Risk Advisory team helps clients to implement sound risk management practices and embed a risk aware culture to drive good customer outcomes, sound business performance and limit potential misconduct.
Deloitte’s Risk Advisory team can help answer the following questions:
On May 14, 2013, the Committee of Sponsoring Organisations of the Treadway Commission (COSO) released an updated version of its Internal Control — Integrated Framework (the “2013 Framework”).
Originally issued in 1992, COSO’s Internal Control — Integrated Framework (the “1992 Framework”) became one of the most widely accepted internal control frameworks in the world. COSO’s primary objective in updating and enhancing the framework is to address the significant changes to business and operating environments that have taken place over the past 20 years.
The 2013 Framework creates a more formal structure for designing and evaluating the effectiveness of internal control by:
Using principles to describe the components of internal control — The 2013 Framework contains 17 principles that explain the concepts associated with the five components of the COSO Framework:
In addition, the 2013 Framework outlines a more formal way of designing and evaluating internal control in accordance with the principles.
We work with organisations to enhance the effectiveness, quality and implementation of their internal control framework. Our services include:
Gap Assessment
Assess the company’s readiness to demonstrate compliance with the COSO II internal control framework. Key activities may include:
Risk Assessment, Quality of Information, and Monitoring
Activities
Provide advice and recommendations on the following key topics/concepts emphasised in the revised Framework:
Opens in new window