New CAQ Tool to Help with Cybersecurity Risk Management Oversight
The Center for Audit Quality (“CAQ”) has developed a new tool to help board members oversee enterprise-wide cybersecurity risk management. Cybersecurity Risk Management Oversight: A Tool for Board Members lists questions board members can ask when meeting with management and CPA firms about cybersecurity risks and disclosures. The questions are divided into the following areas: understanding how the financial statement auditor considers cybersecurity risk; understanding the role of management and responsibilities of the financial statement auditor related to cybersecurity disclosures; understanding management’s approach to cybersecurity risk management; and understanding how CPA firms can assist boards of directors in their oversight of cybersecurity risk management. The tool also collects cybersecurity-related resources from.
Financial Executives Slowly Warming to Risk Management Planning
Although the American Institute of Certified Public Accountants’ (“AICPA”) latest survey reveals that organizations have inadequate risk management practices, the numbers have improved compared to the inaugural survey. The AICPA discovered that 31 percent of companies have created processes for enterprise risk management. That number is 22 percentage points higher than in 2009; only nine percent of organizations surveyed that year reported having risk management processes. The survey is part of the AICPA and North Carolina State University’s Enterprise Risk Management Initiative. Mark Beasley, the director of NC State’s ERM Initiative, said this year’s survey shows that more senior executives and.
Guidance Proposed on Environmental, Social and Governance Risks
The Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) and the World Business Council for Sustainable Development are proposing new guidance to help companies respond to environmental, social and governance-related risks. In the draft guidance, Applying Enterprise Risk Management to Environmental, Social and Governance-Related Risks, the organizations discuss the changing global risk landscape, principles of the COSO Enterprise Risk Management Framework, and ways companies can address environmental, social and governance-related risk challenges. The draft guidance also offers examples of risk events and potential costs of failing to manage them. A press release on the draft guidance is available on the COSO website.
Study Cautions Nonprofits on Barriers to Growth
If you’re a nonprofit seeking future growth, a new study has identified several issues that your organization must consider. According to the Abila Nonprofit Finance Study, nonprofits should factor in potential difficulties dealing with personnel and risk management, an increased burden on administrative duties, and compliance matters. Of course, nonprofits, such as Make A Stand, that did not prepare for these issues fell short in their organizational growth efforts. More on the Abila Nonprofit Finance Study is available on the Nonprofit Quarterly website.
Exposure Draft for Proposed ERM Framework Update Released
The Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) has issued an exposure draft addressing risks that have emerged since the 2004 release of its Enterprise Risk Management – Integrated Framework. Released as Enterprise Risk Management—Aligning Risk With Strategy and Performance (Exposure Draft), the Exposure Draft offers views on the present concepts and applications of enterprise risk management, and revises the definitions of risk and enterprise risk management. The Exposure Draft also introduces components and principles reflecting how risk management thinking and practices have evolved. COSO expects the updates to help organizations increase their awareness and oversight of.