The world has changed significantly in the last five years. New and greater pressures and risks have dominated both the international and business news, dramatically altering the issues that corporate managers must address. The attacks of September 11, 2001 made business executives aware that they must take action to prevent acts of terrorism as well as to prepare for their occurrence at the corporate site and in the wider community. The collapse of notable companies such as Enron and WorldCom highlighted the risk of financial fraud, raised new concerns about corporate governance and internal control, and resulted in the Sarbanes-Oxley Act of 2002 (also referred to as SOX). For multinational organizations, because of globalization and the rapid development of international communications through the Internet, corporate activities related to environmental degradation, child labor, or other social issues in a developing country have been able to impact profits significantly and quickly in the home country. In addition, the risks associated with Information Technology (IT) installations, mergers, human resource policies, and other daily organizational activities have escalated.
Today, organizations must learn to manage these increased risks. In the publication entitled Enterprise Risk Management—Integrated Framework, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) described the underlying principles of risk management and its components. However, boards of directors and their audit committees, senior corporate managers, senior financial managers, auditors, and external stakeholders often need more detailed guidance with respect to the measurement and management of organizational risk.
Download Full Text 
(Members Only)