In Line With Risk – Implementing a risk management program can better align an organization’s risk profile with its overall strategy.
Dorina Hamzo, 22 July 2019.
Dorina Hamzo, CISO, is vice president of internal audit at Covetrus in Portland, Maine.
Risk management has evolved and grown since its inception in the mid-20th century, as evidenced by the introduction of methodologies such as the Committee of Sponsoring Organizations of the Treadway Commission’s (COSO’s) Enterprise Risk Management – Integrating With Strategy and Performance, the International Organization for Standardization’s ISO 31000, and the Basel Accords.
Yet, only 23% of respondents describe their risk management program as mature in the American Institute of Certified Professional Accountants’ 2019 The State of Risk Oversight, conducted jointly with North Carolina State’s ERM Initiative. Additionally, the perceived level of maturity has declined over the past two years, and most organizations struggle to integrate their enterprise risk management (ERM) program with the strategy and objective-setting process.