Risk assurance
The rationale behind CoCo is explained in the framework as follows:
A person performs a task guided by an understanding of its purpose and supported
by capability. The person needs a sense of commitment to perform the task well. The
person monitors his or her performance and the external environment to learn how to
do the task better and any required changes. In any organization of people, the essence of
control is the four components set out above.
There are similarities between the CoCo approach and the LILAC measure of risk
awareness or risk culture that has been mentioned previously. The LILAC approach
suggests that risk management activities will be embedded when the risk culture displays
leadership, involvement, learning, accountability and communication. Individual organizations
should decide how they wish to measure the control environment/risk-aware
culture within the organization. Whatever method is used to measure the risk culture,
there is no doubt that it is critical to the successful implementation of risk management.
CoCo is an internal control framework, but it is described in this chapter because
it is an established framework. There is a strong interface between risk management
activities and internal control, and the CoCo framework therefore provides a useful
means of evaluating the risk culture of an organization. CoCo defines three major
objectives of controls:
● effectiveness and efficiency of operations;
● reliability of internal and external reporting;
● compliance with applicable laws and regulations and internal policies.
Figure 33.1 Criteria of Control (CoCo) framework
Capability: A sense of competence. What action do we need to take?
Purpose: A sense of direction. What are we here for?