Nindita Rahmalaudina - C1L014037
1. Internal Environment
The internal environment sets the foundation for how risk is viewed and addressed by an entity’s people.
2. Objective-Setting
ERM ensures that management has in place a process to set objectives and that the chosen objectives support and align with the entity’s mission and are consistent with its risk appetite.
3. Event Identification
Internal and external events affecting the achievement of an entity’s objectives must be identified, distinguishing between risks and opportunities.
4. Risk Assessment
Risks are analyzed, considering likelihood and impact, as a basis for determining how they should be managed.
5. Risk Response
Management selects risk responses—avoiding, accepting, reducing or sharing risk—developing a set of actions to align risks with the entity’s risk tolerances and risk appetite.
6. Control Activities
Policies and procedures are established and implemented to help ensure the risk responses are effectively carried out.
7. Information and Communication
Relevant information is identified, captured and communicated in a form and timeframe that enable people to carry out their responsibilities.
8. Monitoring
Monitoring is accomplished through ongoing management activities, separate evaluations or both.
Sources: http://info.knowledgeleader.com/bid/163293/what-is-the-coso-enterprise-risk-management-framework