Enterprise Risk Management and COSO: A Guide for Directors, Executives and Practitioners

John Wiley & Sons, Nov 13, 2009 - Business & Economics - 288 pages
Praise for Enterprise Risk Management and COSO: A Guide for Directors, Executives, and Practitioners

"Enterprise Risk Management and COSO is a comprehensive reference book that presents core management of risk tools in a helpful and organized way. If you are an internal auditor who is interested in risk management, exploring this book is one of the best ways to gain an understanding of enterprise risk management issues."
Naly de Carvalho, FSA Times

"This book represents a unique guide on how to manage many of the critical components that constitute an organization's corporate defense program."
Sean Lyons, Corporate Defense Management (CDM) professional

"This book provides a comprehensive analysis of enterprise risk management and is invaluable to anyone working in the risk management arena. It provides excellent information regarding the COSO framework, control components, control environment, and quantitative risk assessment methodologies. It is a great piece of work."
J. Richard Claywell, CPA, ABV, CVA, CM&AA, CFFA, CFD

"As digital information continues its exponential growth and more systems become interconnected, the demand and need for proper risk management will continue to increase. I found the book to be very informative, eye-opening, and very pragmatic with an approach to risk management that will not only add value to all boards who are maturing and growing this capability, but also will provide them with competitive advantage in this important area of focus."
David Olivencia, President, Hispanic IT Executive Council

Optimally manage your company's risks, even in the worst of economic conditions.

There has never been a stronger need for sound risk management than now. Today's organizations are expected to manage a variety of risks that were unthinkable a decade ago. Insightful and compelling, Enterprise Risk Management and COSO reveals how to:

  • Successfully incorporate enterprise risk management into your organization's culture

  • Foster an environment that rewards open discussion of risks rather than concealment of them

  • Quantitatively model risks and effectiveness of internal controls

  • Best discern where risk management resources should be dedicated to minimize occurrence of risk-based events

  • Test predictive models through empirical data

 

Contents

An Introduction to Risk
Mitigating Operational Risks Through
Mitigating Risks in Internal Investigations
QUANTITATIVE RISK MANAGEMENT
Other Control Frameworks
Qualitative Control Concepts
Quantitative Control Relationships
Excel Applications
Monitoring Internal Controls
Accounting Policies and Procedures
Business Process Applications
General and Infrastructure Systems
Trusted System Providers
Reporting on Internal Control
Review and Acceptance of Assessments
Glossary
Interdependent Systems
Documentation
The Process for Assessing Internal Control
Internal Control Sections of the Sarbanes-Oxley Act
Index
Copyright

About the author (2009)

Harry Cendrowski, CPA, ABV, CFF, CFE, CVA, CFD, CFFA, is Managing Director and co-founder of Cendrowski Corporate Advisors, Cendrowski Selecky PC, and Prosperitas Group LLC. He has over twenty-five years of experience assisting firms with their corporate governance and risk management practices. Harry is also active in the private equity (PE) arena, and has assisted PE funds with their due diligence and operational activities. He frequently serves as an expert witness in the areas of forensic accounting, business valuation, and fraud investigation. He is coauthor of Private Equity: History, Governance, and Operations and The Handbook of Fraud Deterrence, both published by Wiley. Harry also serves as the Director of Fraud and Forensic Services for the International Association of Consultants, Valuators and Analysts and is coauthor of the training materials used to train every Certified Fraud Deterrence Analyst (CFD).

William C. Mair is a former partner at Touche Ross & Co. (now Deloitte), chief auditing officer, chief accounting officer, and board member of a registered investment company. He is currently a financial systems consultant. Bill has studied internal control from all angles and has written extensively on the subject. He is best known as lead author of Computer Control and Audit, a revolutionary book in the field of information systems auditing. The Information Systems Audit and Control Association (ISACA) voted Bill the fourth most influential person among the pioneers of information systems auditing in a study published by the EDP Auditor Journal.
