01 Feb Enterprise Risk Management – Integrated Framework

Year of Publication: 2004
Member Price: RM 355
Non Member Price: RM 495

In response to a need for principles-based guidance to help entities design and implement effective enterprise-wide approaches to risk management, COSO issued the Enterprise Risk Management – Integrated Framework in 2004. This framework defines essential enterprise risk management components, discusses key ERM principles and concepts, suggests a common ERM language, and provides clear direction and guidance for enterprise risk management. The guidance introduces an enterprise-wide approach to risk management as well as concepts such as: risk appetite, risk tolerance, portfolio view. This framework is now being used by organisations around the world to design and implement effective ERM processes.

Despite all that has been written about ERM, COSO recognised a need for:

  • A broadly accepted ERM framework in order to establish common definitions.
  • A direction for organisations to use in determining how to enhance their risk management.
  • Criteria to enable them to evaluate whether their risk management is effective.


Initiated in 2001, the project included significant primary and secondary research, extensive analysis of alternative approaches, and consideration of comments received during a comprehensive public comment period. Enterprise Risk Management is one of the few ERM frameworks that has gone through such a rigorous public review process.

Enterprise Risk Management details:

  • The essential components of ERM.
  • The context in which they are effectively implemented.
  • Key concepts that relate to effective application of the components, such as establishing an ERM philosophy, a risk appetite, and a portfolio view of risk.


The ERM framework builds on COSO’s previously issued framework, Internal Control — Integrated Framework, and identifies the interrelationships among ERM, internal control, and entity management.

This two-volume set includes:

  • Executive Summary and Framework
  • Application Techniques


All individuals who work with governance, risk management, or compliance matters will benefit from this important resource.