COSO releases new guidance, Compliance Risk Management: Applying the COSO ERM Framework, detailing the application of the Enterprise Risk Management—Integrating with Strategy and Performance (ERM Framework) to the management of compliance risks.

COSO ERM 是什么？ COSO ERM 由 美国COSO委员会 提出，本质上是一个 系统化的风险管理方法，它的核心思想是： 让风险管理融入企业战略和业务流程，帮助企业更稳健地前行。

This supplement, titled COSO Enterprise Risk Management - Integrating with Strategy and Performance: Compendium of Examples, was developed from industry practices identified through extensive research conducted when updating the Framework. Each example focuses on specific components covered in the Framework.

the complexity of risk has changed, new risks have emerged, and both boards and executives have enhanced their awareness and oversight of enterprise risk management while asking for improved risk reporting.

COSO表示的风险“组合观”即指对企业所面临相关业务目标风险的一种综合观点。 这种角度使管理层和董事会得以考虑风险的性质、可能性、相对大小、彼此相互依存的关系，以及它们会如何影响绩效。

2018年9月17日 · Originally developed in 2004 by COSO, the COSO ERM – Integrated Framework is one of the most widely recognized and applied risk management frameworks in the world. Over the past decade the complexity of risk has changed and new risks have emerged.

2017年1月15日 · 2016年6月，美国反欺诈财务报告委员会（The Committee of Sponsoring Organizations of the Treadway Commission, COSO）发布了新版企业风险管理框架“企业风险管理-服务于企业战略和绩效的实现” （Enterprise Risk Management- Aligning risk with strategy and performance）征求意见稿，这是继2004年 ...

2017年，新版框架对ERM的定义为：组织在创造、保存、实现价值的过程中赖以进行风险管理的，与战略制定和实施相结合的文化、能力和实践。 三、企业全面风险管理框架 （一）2004版企业全面风险管理框架：8大基本要素

2024年5月10日 · 在COSO公布的《常见问题》解释上，COSO表明两个体系并不是相互代替或取代，而是侧重点各不相同相互补充的作用，但同时也强调了内部控制作为一种经历时间考验的企业控制体系，是企业风险管理工作的一个基础和组成部分。

COSO originally created an enterprise risk management (ERM) model in 1992 which was shaped like a pyramid and focused on the evaluation of existing controls. This was updated in 2013 to the COSO cube, which focused on the design and implementation of a risk management framework.