How might the framework assist organizations in structuring their entities to best manage exposure to risk?
• By formally organizing risk management responsibilities and activities, an organization is much better positioned to achieve its objectives. To achieve its business objectives, management will want to ensure that sound risk management processes are in place and functioning. Board and audit committees have an oversight role to determine that appropriate risk management processes are in place and that these processes are adequate and effective. The COSO Enterprise Risk Management – Integrated Framework provides comprehensive guidance on each of these points and includes numerous examples of approaches used by risk management practitioners in a diverse group of organizations. Is there such a thing as being overly conscientious about risk? • The purpose of an entity is to provide goods and services that people value. The pursuit of that goal is paramount in most organizations. An organization that focuses more on risk management than on pursing its primary goals is likely to underperform