Big4Guy
Big4GuyWelcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.
|
Post details: COSO Risk Categories - Categories of Business Risk Strategic Operations Compliance & Reporting
01/11/06
COSO Risk Categories - Categories of Business Risk Strategic Operations Compliance & Reporting
In COSO's Internal Control - Integrated framework, risk assessment forms one of the key components. Before making a risk assessment, one has to be clear as to the various types of risk that exist. One of my client Chief Audit Executive CAE questioned me the same in an internal meeting. COSO framework lays down certain important risk categories. I am listing the four important risk categories under COSO and some examples under each category.
1. Strategic Risk - Some examples include governance related issues, strategic business objectives not being met, a wrong or incorrect business model, external forces etc.
2. Operational Risk - Operational risk may be due to weak controls in business processes, financial risk, risk in supply chain operations etc.
3. Reporting Risk - Reporting risk normally includes, financial reporting risk, information technology disclosures, reputation, intellectual property etc.
4. Compliance risk - Compliance risk, often the most talked about includes, non-comploance to statutes, environmental laws, non complaince to sarbanes oxley, legal etc.
Section 404 Project Scoping , Sarbanes Oxley Investor Protection
Comments:
Please kindly describe the similarity or difference between business risk and strategic risk according to the way COSO classifies.
thanks and regards,
Bram
04/24/06 @ 02:46 Please kindly describe the similarity or difference between business risk and strategic risk according to the way COSO classifies.
thanks and regards,
Bram
04/24/06 @ 02:49
Categories
Archives
Search
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
|---|---|---|---|---|---|---|
| << < | > >> | |||||
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 | |
Misc
All content copyright © 2005-2008
Big4Guy.com
Do not reproduce either in part or full without the express permission of the
Webmaster
