What is the performance component of the COSO ERM framework?

Performance is one of the key components of the COSO ERM framework. Risks that may impact the achievement of strategy and business objectives need to be identified and assessed. Risks are prioritized by severity in the context of risk appetite. The organization then selects risk responses and takes a portfolio view of the amount of risk it has assumed. The results of this process are reported to key risk stakeholders.

Performance refers to the enterprise risk management practices that support the organization’s decisions in its pursuit of value. These practices consist of identifying, assessing, prioritizing, responding to, and developing a portfolio view of risk.

The 5 principles related to performance are:

Identifies Risk—The organization identifies risk that impacts the performance of strategy and business objectives.

Assesses Severity of Risk—The organization assesses the severity of risk.

Prioritizes Risks—The organization prioritizes risks as a basis for selecting responses to risks.

Implements Risk Responses—The organization identifies and selects risk responses.

Develops Portfolio View—The organization develops and evaluates a portfolio view of risk.

