Enterprise Risk Management and COSO (eBook)

Harry Cendrowski, CPA, ABV, CFF, CFE, CVA, CFD, CFFA, is Managing Director and co-founder of Cendrowski Corporate Advisors, Cendrowski Selecky PC, and Prosperitas Group LLC. He has over twenty-five years of experience assisting firms with their corporate governance and risk management practices. Harry is also active in the private equity (PE) arena, and has assisted PE funds with their due diligence and operational activities. He frequently serves as an expert witness in the areas of forensic accounting, business valuation, and fraud investigation. He is coauthor of Private Equity: History, Governance, and Operations and The Handbook of Fraud Deterrence, both published by Wiley. Harry also serves as the Director of Fraud and Forensic Services for the International Association of Consultants, Valuators and Analysts and is coauthor of the training materials used to train every Certified Fraud Deterrence Analyst (CFD). William C. Mair is a former partner at Touche Ross & Co. (now Deloitte), chief auditing officer, chief accounting officer, and board member of a registered investment company. He is currently a financial systems consultant. Bill has studied internal control from all angles and has written extensively on the subject. He is best known as lead author of Computer Control and Audit, a revolutionary book in the field of information systems auditing. The Information Systems Audit and Control Association (ISACA) voted Bill the fourth most influential person among the pioneers of information systems auditing in a study published by the EDP Auditor Journal.

About the Contributors.

Acknowledgments.

Preface.

SECTION I ORGANIZATIONAL RISK MANAGEMENT.

Chapter 1 An Introduction to Risk.

Chapter 2 Key Tenets of Enterprise Risk Management.

Chapter 3 Mitigating Operational Risks Through Strategic
Thinking.

Chapter 4 Mitigating Risk in Internal Investigations and
Insurance Coverage.

SECTION II QUANTITATIVE RISK MANAGEMENT.

Chapter 5 Recognized Control Frameworks: COSO-IC and
COSO-ERM.

Chapter 6 Other Control Frameworks.

Chapter 7 Qualitative Control Concepts.

Chapter 8 Quantitative Control Relationships.

Chapter 9 Excel Applications.

Chapter 10 Interdependent Systems.

Chapter 11 Documentation.

Chapter 12 The Process for Assessing Internal Control.

Chapter 13 Monitoring Internal Controls.

Chapter 14 Accounting Policies and Procedures.

Chapter 15 Business Process Applications.

Chapter 16 General and Infrastructure Systems.

Chapter 17 Trusted System Providers.

Chapter 18 Reporting on Internal Control.

Chapter 19 Review and Acceptance of Assessments.

Glossary.

Appendix: Internal Control Sections of the Sarbanes-Oxley
Act.

Index.

"Enterprise Risk Management and COSO, is a useful book for readers who are directly or indirectly involved in risk management. It is relevant for managers and practitioners alike as we constantly face a myriad of constraints to accomplish our work. In my opinion, the authors introduce topics in an innovative way that invites brainstorming and analytical thinking. Enterprise Risk Management is a comprehensive reference book that presents core management or risks in a helpful and organized way. If you are an internal auditor who is interested in risk management, exploring this book is one of the best ways to gain an understanding of enterprise risk management issues." (Financial Services Audit News, April 2010)