COSO Enterprise Risk Management: Establishing Effective Governance, Risk, and Compliance Processes

Front Cover
John Wiley & Sons, Jul 26, 2011 - Business & Economics - 384 pages
A fully updated, step-by-step guide for implementing COSO's Enterprise Risk Management

COSO Enterprise Risk Management, Second Edition clearly enables organizations of all types and sizes to understand and better manage their risk environments and make better decisions through use of the COSO ERM framework. The Second Edition discusses the latest trends and pronouncements that have affected COSO ERM and explores new topics, including the PCAOB's release of AS5; ISACA's recently revised CobiT; and the recently released IIA Standards.

  • Offers you expert advice on how to carry out internal control responsibilities more efficiently
  • Updates you on the ins and outs of the COSO Report and its emergence as the new platform for understanding all aspects of risk in today's organization
  • Shows you how an effective risk management program, following COSO ERM, can help your organization to better comply with the Sarbanes-Oxley Act
  • Knowledgeably explains how to implement an effective ERM program

Preparing professionals develop and follow an effective risk culture, COSO Enterprise Risk Management, Second Edition is the fully revised, invaluable working resource that will show you how to identify risks, avoid pitfalls within your corporation, and keep it moving ahead of the competition.


What people are saying - Write a review

We haven't found any reviews in the usual places.


Introduction Enterprise Risk Management Today
Our Example Company
Risk Management Fundamentals
COSO ERM Framework
Other Dimensions of the ERM Framework
Importance of Strong Enterprise Governance Practices
Enterprise Compliance Issues Today
Integrating ERM with COSO Internal Controls
OCEG Capability Model GRC Standards
Importance of GRC Principles in the Board Room
Role of Internal Audit in Enterprise Risk Management
Understanding Project Management Risks
Information Technology and Enterprise Risk
Establishing an Effective GRC Culture throughout
ISO 31000 and 38500 Risk Management Worldwide
ERM and GRC Principles Going Forward

SarbanesOxley and Enterprise Risk Management
Enterprise Risk Management and SOx Section 404 Reviews
The Other Sections
About the Author

Other editions - View all

Common terms and phrases

About the author (2011)

Robert R. Moeller, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of business risk management, information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. Formerly national director of computer auditing at Grant Thornton and internal audit director at Sears Roebuck, he is the author of six books published by Wiley. He is the former president of the Institute of Internal Auditors' Chicago chapter and the former chair of the AICPA's Computer Audit Subcommittee.

Bibliographic information