At the recent Professional Accountants in Business (PAIB) Committee meeting in the IFAC office in New York, the PAIB Strategy and Work Plan 2013-2016 was approved for public consultation. It will be issued in October and both IFAC members and other stakeholders will be invited to provide feedback.

 

As part of its proposed work plan, and following the recent guidance Evaluating and Improving Internal Control in Organizations, the committee approved the development of good practice principles, to be released in the fourth quarter of 2013, on how professional accountants in business can support their organizations with better integration of risk management and internal control into overall governance. As revealed in the IFAC Global Survey on Risk Management and Internal Control, in many organizations, risk management and internal control are often not an integrated part of overall governance arrangements. Suggestions on this project, as well as others that are being proposed in the work plan, will be gratefully received (StathisGould@ifac.org or VincentTophoff@ifac.org).

 

 

 

 

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has released the exposure draft Internal Control over External Financial Reporting: Compendium of Approaches and Examples. Released as part of the update project for COSO’s Internal Control Framework, the Compendium will assist users of the Framework in applying it to external financial reporting objectives, including compliance with the US Sarbanes-Oxley Act. The exposure draft, press release, a PowerPoint presentation, and an FAQ are available on the COSO website. The comment period closes November 20, 2012.

 

 

 

From October to December 2011, the International Organization for Standardization (ISO) conducted a risk management survey for ISO 31000, Risk Management. The results of this survey (in English, French, and Spanish) are now available on request from the ISO 31000 Conference website. Survey questions ranged from awareness level of ISO 31000 to how risk management is used in respondents’ organizations.

 

 

• Current State of Enterprise Risk Oversight: Progress is Occurring but Opportunities for Improvement Remain examines the results of a survey conducted by the American Institute of Certified Public Accountants and the North Carolina University Poole College of Management (US) to review enterprise risk management in light of recent financial and social shifts. In addition to summarizing survey results, the report also serves as a benchmarking instrument for an organization’s approach to risk oversight in relation to current trends.
 

• A Framework for Board Oversight of Enterprise Risk from the Canadian Institute of Chartered Accountants argues that boards should take a more active and direct role in the oversight of enterprise risk due to the “unsettled” economy following the economic crises of the last few years. The Framework includes questions directors should be asking in four areas—oversight, knowledge and understanding of risk, objectives for enterprise risk, and corporate capacity for risk—and provides guidance and tools to help directors fulfill their responsibilities.
 

• A hypothetical case study on evaluating enterprise risk management (ERM) maturity has been released by CGMA, a joint initiative of the American Institute of Certified Public Accountants and the Chartered Institute of Management Accountants. CGMA Case Study: How to Evaluate Enterprise Risk Management Maturity illustrates how ERM tools can be used by professional accountants to assess their organization’s approach to ERM. The case study uses eight areas to assess an effective ERM process—risk culture, risk identification, risk assessment, articulation of risk appetite, risk response, risk reporting, integration with strategic planning, and assessment of ERM effectiveness.