What is the performance component of the COSO ERM framework?
Performance is one of the key components of the COSO ERM framework. Risks that may impact the achievement of strategy and business objectives need to be identified and assessed. Risks are prioritized by severity in the context of risk appetite. The organization then selects risk responses and takes a portfolio view of the amount of risk it has assumed. The results of this process are reported to key risk stakeholders.
Performance refers to the enterprise risk management practices that support the organization’s decisions in its pursuit of value. These practices consist of identifying, assessing, prioritizing, responding to, and developing a portfolio view of risk.
The following 5 principles relate to performance:
Identifies Risk—The organization identifies risk that impacts the performance of strategy and business objectives.
Assesses Severity of Risk—The organization assesses the severity of risk.
Prioritizes Risks—The organization prioritizes risks as a basis for selecting responses to risks.
Implements Risk Responses—The organization identifies and selects risk responses.
Develops Portfolio View—The organization develops and evaluates a portfolio view of risk.