Pivotal Change Needed to Take COSO’s ERM Framework from Risk to Strategic-Objective Based

Vincent Tophoff | October 12, 2016 |

The IFAC Professional Accountants in Business Committee recently submitted a response to the Committee of Sponsoring Organizations of the Treadway Commission (COSO)’s Exposure Draft of its updated integrated framework, Enterprise Risk Management—Aligning Risk with Strategy and Performance. The Framework is designed to help all organizations improve their approach to managing new and existing risks as a way to help create, preserve, sustain, and realize value.

IFAC has actively participated in the COSO Board’s Advisory Council for this update, which has allowed us to actively contribute to all stages of the update process. In that respect, we are happy to see that our views on the effective management of risk—expressed in IFAC’s recent thought paper, From Bolt-on to Built-in—are closely aligned with the intentions of the ERM Framework: “integrating enterprise risk management into an organization helps to accelerate growth and enhance performance by more closely linking strategy and objectives to both risk and opportunity.”

The biggest challenge that we encountered, however, is that the actual ERM Framework itself does not yet sufficiently live up to the intentions, or aspirations, as described in the Executive Summary. In our response, we provided many examples to demonstrate this point. For example, that the thrust of the draft is still about risk management as a separate activity, speaking predominantly in terms of identifying and managing individual risks, as opposed to an activity that’s integrated within the decision-making process.

In our opinion, the most pivotal change needed to align the ERM Framework with COSO’s intentions is to reverse the perspective from risk based to strategic-objective based: placing organizational strategy and execution at the forefront and then showing how organizations could actually integrate the management of risk into their already existing “culture, capabilities, and practices.”

Once this has taken place, the various elements of the ERM Framework will almost automatically fall into their new place: not as separate, add-on activities but as important pointers to influence the managerial processes that already exist—to enhance and improve them but not necessarily replace or increase them.

Such an approach would also correspond with the main objective of an organization, which is not to effectively manage risk nor to have effective controls, but to ensure that it makes the best decisions and achieves its strategic objectives.

We hope that our feedback, as well as that from many other interested parties (available on the COSO ERM Comments web page) helps create an updated ERM Framework that can truly support you in evaluating and improving the management of risk in your organization.

Vincent Tophoff

Senior Technical Manager

Vincent Tophoff is senior technical manager with the Professional Accountants in Business (PAIB) Committee of IFAC. Previously, he was a partner at INTE-Q Integration Management, a management accountancy consulting firm in The Netherlands and senior lecturer at the postgraduate accountancy program of the Vrije University in Amsterdam.  See more by Vincent Tophoff

Join the Conversation

To leave a comment below, login or register with IFAC.org

Thank you for your interest in our publications. These valuable works are the product of substantial time, effort and resources, which you acknowledge by accepting the following terms of use. You may not reproduce, store, transmit in any form or by any means, with the exception of non-commercial use (e.g., professional and personal reference and research work), translate, modify or create derivative works or adaptations based on such publications, or any part thereof, without the prior written permission of IFAC.

Our reproduction and translation policies, as well as our online permission request and inquiry system, are accessible on the Permissions Information web page.

For additional information, please read our website Terms of Use. ALL RIGHTS RESERVED.