Comparative Analysis of COSO and ISO 31000 Risk Frameworks in Finance


Added on  2020/04/13

Essay
AI Summary
The essay explores the COSO and ISO 31000 enterprise risk management (ERM) frameworks, highlighting their origins, objectives, and implementation strategies. COSO, developed through collaborations among major accounting bodies, aims to enhance corporate governance and deter fraud by integrating internal controls into its ERM processes. ISO 31000, developed later, focuses on improving organizational performance by identifying threats and opportunities and optimizing resource allocation for risk management. Despite their shared goal of effective risk management, COSO is often preferred due to its inclusion of an internal control framework, though this can lead to unnecessary implementations. Ultimately, while both frameworks are valuable, successful risk mitigation also depends on the commitment of management and employees to foster a transparent organizational culture.
Running head: ACCOUNTING INFORMATION SYSTEMS
Accounting Information Systems
Name of the Student:
Name of the University:
Author Note
Table of Contents
Introduction
COSO – as an enterprise risk management framework
ISO 31000 – as an enterprise risk management framework
Comparison between COSO and ISO 31000
Conclusion
References
Introduction
This study compares and contrasts the COSO and ISO 31000 enterprise risk
management frameworks. More precisely, it provides an overview of the two risk
management frameworks and assesses their applicability, in order to examine
whether one is more advantageous than the other.
COSO – as an enterprise risk management framework
COSO was developed as a result of the joint initiatives of the American
Accounting Association, the American Institute of Certified Public Accountants,
Financial Executives International, the Institute of Management Accountants and
the Institute of Internal Auditors. The primary objective of this risk
management framework is to provide thought leadership by developing
comprehensive guidance on corporate risk management, deterrence of fraud and
internal controls. Its further objective is to improve the operational
performance and corporate governance of the organization, so as to reduce the
occurrence of fraudulent activities in the organization
(Bromiley et al., 2015).
ISO 31000 – as an enterprise risk management framework
ISO 31000 is another framework for the management of risk. It has been
developed to help organizations increase the likelihood of achieving their
previously set objectives, improve the identification of threats and
opportunities in the organization, and monitor the effective allocation and
utilization of the available resources for the purpose of risk treatment
(Dias, 2017).
Comparison between COSO and ISO 31000
The COSO framework was developed in 2004, while ISO 31000 was developed in 2009.
The primary objective of COSO is to create a flexible standard against which
current ERM processes can be evaluated, rather than to concentrate primarily on
the risk management process. ISO 31000, on the other hand, supports the process
applied for the management of risk, its particulars, and the methods applied to
establish it in the organization. Put simply, COSO emphasizes the
implementation of an ERM framework in the organization, as it holds that ERM
itself, applied in strategy setting, incorporates the concept of risk appetite
and aligns it with strategy. ISO 31000, on the other hand, focuses on the
implementation of the risk management framework and is primarily based on
change themes and integration.
Both ISO 31000 and COSO have been developed with a similar objective and strike
the same chord in the risk management process. Both frameworks are derived from
the same body of knowledge and use a similar technique: establishing a
unanimous company goal and using it as a foundation of measurement, or
standard, for evaluating the techniques used for the management of risk
(Mikes et al., 2016).
Although both models were created from the same body of knowledge, the COSO
framework is often selected over ISO 31000. This is because the COSO framework
also incorporates an internal control framework. However, the internal control
framework may drag an organization into an unnecessary implementation of ERM,
which may not be strategically suitable for all firms (Oliva, 2016).
Conclusion
Therefore, as can be understood from the above discussion, both COSO and ISO
31000 are useful and effective as risk management frameworks. However, the
adoption of a risk management framework will not completely ensure the
mitigation of risk in business processes. Sufficient sincerity on the part of
the management and the employees of the organization is also required to
promote a transparent, risk-free culture in the organizational environment.
References
Bromiley, P., McShane, M., Nair, A., & Rustambekov, E. (2015). Enterprise risk
management: Review, critique, and research directions. Long range planning, 48(4),
265-276.
Dias, A. A. D. S. P. (2017). A more effective audit after COSO ERM 2017 or after ISO
31000: 2009?. Revista Perspectiva Empresarial ISSN: 2389-8194 (En línea), 4(2), 73-
82.
Mikes, A., Oyon, D., Jeitziner, J., & KPMG, G. (2016). Risk management: Towards a
behavioral perspective.
Oliva, F. L. (2016). A maturity model for enterprise risk management. International Journal
of Production Economics, 173, 66-79.