COSO'S





          ENTERPRISE




          RISK





          MANAGEMENT




          FRAMEWORK








          COSO                                                2013 to the COSO cube, which focused on the design and
                                                              implementation of a risk management framework. The COSO
          The Committee of Sponsoring Organisations of the Treadway
                                                              cube became a widely-accepted framework for organisations
          Commission (COSO) was established in the mid-1980s, initially
                                                              to use and it became established as a model that could be
          to sponsor research into the causes of fraudulent financial
                                                              used in different environments worldwide.
          reporting. Its current mission is to: 'help organizations improve
          performance by developing thought leadership that enhances
          internal control, risk management, governance and fraud
          deterrence.'

          Although COSO's guidance is non-mandatory, it has been
          influential because it provides frameworks against which risk
          management and internal control systems can be assessed
          and improved. Corporate scandals, arising in companies
          where risk management and internal control were deficient,
          and attempts to regulate corporate behaviour as a result of
          these scandals have resulted in an environment where
          guidance on best practice in risk management and internal
          control has been particularly welcome.

          The ERM model

          COSO originally created an enterprise risk management (ERM)
          model in 1992 which was shaped like a pyramid and focused
          on the evaluation of existing controls. This was updated in  The ERM model

          24  The  Insurance  Times,  September  2022