Coso Enterprise Risk Management, Second Edition: Establishing Effective Governance, Risk, And Compliance Processes9780470912881pdf/txt下载_在线阅读全文

当前位置:首页 > 管理 > 英文原版书-管理 > Coso Enterprise Risk Management, Second Edition: Establishing Effective Governance, Risk, And Compliance Processes9780470912881

内容简介

　　A fully updated, step-by-step guide for implementing COSO'sEnterprise Risk Management
　　COSO Enterprise Risk Management, Second Edition clearly enablesorganizations of all types and sizes to understand and bettermanage their risk environments and make better decisions throughuse of the COSO ERM framework. The Second Edition discusses thelatest trends and pronouncements that have affected COSO ERM andexplores new topics, including the PCAOB's release of AS5; ISACA'srecently revised CobiT; and the recently released IIAStandards.
　　Offers you expert advice on how to carry out internal controlresponsibilities more efficiently
Updates you on the ins and outs of the COSO Report and itsemergence as the new platform for understanding all aspects of riskin today's organization
　　Shows you how an effective risk management program, followingCOSO ERM, can help your organization to better comply with theSarbanes-Oxley Act
　　Knowledgeably explains how to implement an effective ERMprogram

A fully updated, step-by-step guide for implementing COSO's
Enterprise Risk Management 
　　COSO Enterprise Risk Management, Second Edition clearly enables
organizations of all types and sizes to understand and better
manage their risk environments and make better decisions through
use of the COSO ERM framework. The Second Edition discusses the
latest trends and pronouncements that have affected COSO ERM and
explores new topics, including the PCAOB's release of AS5; ISACA's
recently revised CobiT; and the recently released IIA
Standards. 
　　Offers you expert advice on how to carry out internal control
responsibilities more efficiently 
Updates you on the ins and outs of the COSO Report and its
emergence as the new platform for understanding all aspects of risk
in today's organization 
　　Shows you how an effective risk management program, following
COSO ERM, can help your organization to better comply with the
Sarbanes-Oxley Act 
　　Knowledgeably explains how to implement an effective ERM
program 
　　Preparing professionals develop and follow an effective risk
culture, COSO Enterprise Risk Management, Second Edition is the
fully revised, invaluable working resource that will show you how
to identify risks, avoid pitfalls within your corporation, and keep
it moving ahead of the competition.

显示全部信息

作者简介

　　Robert R. Moeller, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of business risk management, information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. Formerly national director of computer auditing at Grant Thornton and internal audit director at Sears Roebuck, he is the author of six books published by Wiley. He is the former president of the Institute of Internal Auditors' Chicago chapter and the former chair of the AICPA's Computer Audit Subcommittee.

目　　录

Preface xi
Chapter 1: Introduction: Enterprise Risk Management Today
The COSO Internal Controls Framework: How Did We Get Here?
The COSO Internal Controls Framework
COSO Internal Controls: The Principal Recognized Internal ControlsStandard
An Introduction to COSO ERM
Governance, Risk, and Compliance
Global Computer Products: Our Example Company
Chapter 2: Importance of Governance, Risk, and CompliancePrinciples
Road to Effective GRC Principles
Importance of GRC Governance
Risk Management Component of GRC
GRC and Enterprise Compliance
Importance of Effective GRC Practices and Principles

Preface xi 
Chapter 1: Introduction: Enterprise Risk Management Today 
The COSO Internal Controls Framework: How Did We Get Here? 
The COSO Internal Controls Framework 
COSO Internal Controls: The Principal Recognized Internal Controls
Standard 
An Introduction to COSO ERM 
Governance, Risk, and Compliance 
Global Computer Products: Our Example Company 
Chapter 2: Importance of Governance, Risk, and Compliance
Principles 
Road to Effective GRC Principles 
Importance of GRC Governance 
Risk Management Component of GRC 
GRC and Enterprise Compliance 
Importance of Effective GRC Practices and Principles 
Chapter 3: Risk Management Fundamentals 
Fundamentals: Risk Management Phases 
Other Risk Assessment Techniques 
Chapter 4: COSO ERM Framework 
ERM Definitions and Objectives: A Portfolio View of Risk 
COSO ERM Framework Model 
Other Dimensions of the ERM Framework 
Chapter 5: Implementing ERM in the Enterprise 
Roles and Responsibilities of an Enterprise Risk Management
Function 
Risk Management Policies, Standards, and Strategies 
Business, IT, and Risk Transfer Processes 
Risk Management Reviews and Corrective Action Practices 
ERM Communications Approaches 
CRO and an Effective Enterprise Risk Management Function 
Chapter 6: Importance of Strong Enterprise Governance
Practices 
History and Background of Enterprise Governance: A U.S.
Perspective 
Enterprise Integrity and Ethical Behavior 
Disclosure and Transparency 
Rights and Equitable Treatment of Shareholders and Key
Stakeholders 
Governance Role and Responsibilities of the Board 
Governance as a Key Element of GRC 
Chapter 7: Enterprise Compliance Issues Today 
Compliance Issues Today 
Establish a Compliance Assessment Team 
Compliance Risk Assessments and Compliance Program Reviews 
Work Unit–Level Compliance Tracking and Review Processes 
Compliance-Related Procedures and Staff Education Programs 
Enterprise Hotline Compliance and Whistleblower Support 
Assessing the Overall Enterprise Compliance Program 
Chapter 8: Integrating ERM with COSO Internal Controls 
COSO Internal Controls Background and Earlier Legislation 
Efforts Leading to the Treadway Commission 
COSO Internal Controls Framework 
COSO Internal Controls and COSO ERM: Compared 
Chapter 9: Sarbanes-Oxley and Enterprise Risk Management
Concerns 
Sarbanes-Oxley Act Background 
SOx Legislation Overview 
Enterprise Risk Management and SOx Section 404 Reviews 
Internal Controls Reporting and Materiality 
PCAOB Risk-Based Auditing Standards 
Sarbanes-Oxley: The Other Sections 
SOx and COSO ERM 
Chapter 10: Corporate Culture and Risk Portfolio Management 
Whistleblower and Hotline Functions 
Risk Portfolio Management 
Integrated Enterprise-Wide Risk Management 
Chapter 11: OCEG Capability Model GRC Standards 
GRC Capability Model ‘‘Red Book’’ 
Other OCEG Materials: The ‘‘Burgundy Book’’ 
Level and Scope of the OCEG Standards-Setting Authority 
Chapter 12: Importance of GRC Principles in the Board Room 
Board Decisions and Risk Management 
Board Organization and Governance Rules 
Corporate Charters and the Board Committee Structure 
Audit Committees and Managing Risks 
Establishing a Board-Level Risk Committee 
Audit and Risk Committee Coordination 
COSO ERM and Corporate Governance 
Chapter 13: Role of Internal Audit in Enterprise Risk
Management 
Internal Audit Standards for Evaluating Risk 
COSO ERM for More Effective Internal Audit Planning 
Risk-Based Internal Audit Findings and Recommendations 
COSO ERM and Internal Audit 
Chapter 14: Understanding Project Management Risks 
Project Management Process 
PMBOK1 Guide: A Guide to the Project Management Book of
Knowledge 
PMBOK1 Guide’s Project Manager Risk Management Approach 
Project-Related Risks: What Can Go Wrong 
Implementing ERM for Project Managers 
Chapter 15: Information Technology and Enterprise 
Risk Management 
IT and the COSO ERM Framework 
IT Application Systems Risks 
Effective IT Continuity Planning 
Worms, Viruses, and System Network Risks 
IT and Effective ERM Processes 
Chapter 16: Establishing an Effective GRC Culture 
throughout the Enterprise 
First Steps to Establishing a GRC Culture: An Example 
Promoting the Concept of Enterprise Risk 
Establishing of Enterprise-Wide Governance Awareness 
Enterprise Codes of Conduct 
Building a GRC Culture: Risk, Governance, and Compliance Education
Programs 
Keeping the GRC Culture Current 
Chapter 17: ISO 31000 and 38500 Risk Management Worldwide
Standards 
ISO Standards-Setting Process 
Understanding ISO 31000 
ISO 38500: The Corporate Governance of IT 
Implementing an ISO Standard 
Chapter 18: ERM and GRC Principles Going Forward 
ERM and GRC for the Internal Controls Professional 
COSO’s Ongoing Support Role 
COSO ERM and GRC Future Prospects 
About the Author 
Index

显示全部信息

Coso Enterprise Risk Management, Second Edition: Establishing Effective Governance, Risk, And Compliance Processes9780470912881下载

Coso Enterprise Risk Management, Second Edition: Establishing Effective Governance, Risk, And Compliance Processes9780470912881

发布书评

相关图书推荐