Embracing Enterprise Risk Management

The following material may be useful for the completion of this assignment. You may refer to the documents "Embracing Enterprise Risk Management: Practical Approaches for Getting Started" and "Developing Key Risk Indicators to Strengthen Enterprise Risk Management" at the Committee of Sponsoring Organizations of the Treadway Commission (COSO) website.
Imagine you are an information technology manager employed by a business that needs you to develop a plan for an effective enterprise risk management (ERM) program. ERM has not been a priority for the organization, but failed corporate security audits, data breaches, and recent news stories have convinced the board of directors that they must address these weaknesses. As a result, the CEO has asked you to create a brief overview of ERM and provide recommendations for establishing an effective ERM program to address this area.
Write a 3–4 page paper in which you:
- Summarize the COSO Risk Management Framework and COSO’s ERM process.
- Recommend the approach management should take to implement an effective ERM program. Include the issues and organizational impact they might encounter if they do not implement an effective ERM program.
- Analyze the methods for establishing key risk indicators (KRIs).
- Suggest the approach that the organization should take to link the KRIs with the organization’s strategic initiatives.
- Use at least three quality resources in this assignment, in addition to (and in support of) the documents from the COSO website referenced in this assignment. Note: Wikipedia and similar websites do not qualify as quality resources.