Page 640 - COSO Guidance
Glossary
Adaptability: The capacity of an entity to adapt and respond to risks.
Actual residual risk: The risk remaining after management has taken action to alter its severity.
Business context: The trends, events, relationships and other factors that may influence, clarify or change an
entity’s current and future strategy and business objectives.
Business objectives: Those measurable steps the organization takes to achieve its strategy.
Complexity: The scope and nature of a risk to the entity’s success.
Core values: The entity’s beliefs and ideals about what is good or bad, acceptable or unacceptable, which
influence the behavior of the organization.
Corporate governance: The set of relationships between the company’s management, board, shareholders
and other stakeholders that provide the structure through which objectives of the company are set.
Culture: The attitudes, behaviors and understanding about risk, both positive and negative, that influence the
decisions of management and personnel and reflect the mission, vision and core values of the organization.
Data: Raw facts that can be collected together to be analyzed, used or referenced.
Dependencies: Resources (e.g., human, social, natural) that businesses need in order to create and sustain value.
Enterprise risk management (ERM): The culture, capabilities and practices, integrated with strategy-setting
and its performance, that organizations rely on to manage risk in creating, preserving and realizing value.
Entity: Any form of for-profit, not-for-profit or governmental body. An entity may be publicly listed, privately
owned, owned through a cooperative structure, or any other legal structure.
Environmental, social and governance (ESG): Encompasses the environmental, social and governance
issues that are prominent on investors’ and other stakeholders’ agendas.ᵃ
ESG-related risks: Commonly referred to as sustainability, non-financial or extra-financial risks, the
environmental, social and governance risks and/or opportunities that may impact an entity.ᵇ
External environment: Anything outside of the entity that influences the ability to achieve strategy and
business objectives.
External stakeholders: Any parties not directly engaged in the entity’s operations but who are affected by the
entity, directly influence the entity’s business environment, or influence the entity’s reputation, brand and trust.
Extra-financial: A wide range of issues that are likely to have short-, medium- and long-term effect on
business performance. Extra-financial issues typically exist beyond the traditional range of variables that are
considered as part of investment decision-making processes. Extra-financial factors include, but are not limited
to, corporate governance, intellectual capital management, human rights, occupational health and safety and
human capital practices, innovation, research and development, customer satisfaction, climate change, and
natural resource management, consumer and public health, reputation risk and the broader environmental and
social impacts of corporate activity such as biodiversity impacts and community impacts.ᶜ
Financial capital: The traditional yardstick of performance; includes funds obtained through financing or
generated by means of productivity.
Governance: The systems and processes that ensure the overall effectiveness of an entity – whether a
business, government or multilateral institution.
Governing body: The process used by an organization to engage relevant stakeholders for the purpose of
achieving agreed outcomes (may include board, supervisory board, board of trustees, general partners or owner).
Human capital: The knowledge, skills, competencies and other attributes embodied in individuals that are
relevant to economic activity.ᵈ
ᵃ KPMG (2017). “ESG, strategy and the long view: A framework for board oversight.”
Retrieved from assets.kpmg.com/content/dam/kpmg/lu/pdf/lu-en-esg-strategy-framework-for-board-oversight.pdf
ᵇ Although these terms are used interchangeably, this guidance has adopted the term ESG, as it is currently the term commonly used by the investor community and
captures the range of criteria to generate long-term competitive financial returns and positive social impact. The term “related risks” has been adopted to account for
non-ESG risks that may have ESG-related causes or impacts. For example, the risk of raw material price fluctuations may be exacerbated by an environmental cause,
such as flooding or droughts, which was not previously considered by the organization.
ᶜ Radley Yeldar (2012). “The value of extra-financial disclosure: What investors and analysts said.” Commissioned by Accounting for Sustainability, GRI and
Radley Yeldar. Retrieved from globalreporting.org/resourcelibrary/The-value-of-extra-financial-disclosure.pdf
ᵈ This is the OECD definition of human capital, which is used in the draft “Social & Human Capital Protocol” due for publication in 2019. This definition of human capital
is similar to that used by the <IR> Framework, which is defined as “people’s competencies, capabilities and experience, and their motivations to innovate.”
Enterprise Risk Management | Applying enterprise risk management to environmental, social and governance-related risks • October 2018 93