COSO Report: Companies Need to Break Down Silos and Better Align Risk and Compliance

November 19, 2020

A new recommendation, one that is becoming a more common theme, from an influential organization that guides companies on enterprise risk management advises organizations to foster closer alignment between compliance departments and risk managers.

The Committee of Sponsoring Organizations (COSO) of the Treadway Commission issued the recommendation in its new report, “Compliance Risk Management: Applying the COSO ERM Framework.”

COSO’s advice, which is followed closely by public companies, is aimed at helping boards of directors and management better identify, monitor and mitigate compliance risks. The report, commissioned by COSO, was jointly published in November by the Society of Corporate Compliance and Ethics (SCCE) and the Health Care Compliance Association (HCCA).

The guidance encourages organizations to better coordinate risk management, compliance and ethics functions to strengthen protections against legal and regulatory pitfalls.

The report describes the characteristics of effective compliance and ethics programs associated with each of the five components and 20 underlying principles of COSO’s Enterprise Risk Management (ERM) framework. A significant aspect of ERM is its focus on creating, preserving and realizing value. Effective C&E programs contribute to each of these objectives.

“This publication aims to provide guidance on the application of the COSO ERM framework to the identification, assessment and management of compliance risks by aligning it with the C&E program framework, creating a powerful tool that integrates the concepts underlying each of these valuable frameworks,” Sobel said in a prepared statement.

The compliance risk management publication provides guidance for risk managers, internal auditors, compliance professionals and others directly involved in managing compliance risk, and is meant to assist members of senior management and boards of directors in understanding their roles in compliance risk management.

“The goal of this publication is to facilitate this synergy by creating a roadmap between required and emerging practices for C&E programs and the COSO ERM framework,” said Gerry Zack, the CEO of SCCE & HCCA.
