Enterprise Risk Management   |  Compliance Risk Management: Applying the COSO ERM Framework   |    iii




                   Contents                                                      Page

                   1.  Introduction                                                  1

                   2. Governance and Culture for Compliance Risks                   7

                   3. Strategy and Objective-Setting for Compliance Risks           11

                   4. Performance for Compliance Risks                             15

                   5. Review and Revision for Compliance Risks                     22

                   6. Information, Communication, and Reporting
                     for Compliance Risks                                          27

                   Appendix 1.
                   Elements of an effective compliance
                   and ethics program                                              31

                   Appendix 2.
                   International growth in recognition
                   of compliance and ethics programs                               37

                   Acknowledgments                                                 39

                   About SCCE & HCCA                                               39

                   About COSO                                                     40













































                                                                                                          c oso . or g