[31 Oct 2016] Open with your browser  
Featured images

Exposure Draft of Enterprise Risk Management Framework by the Committee of Sponsoring Organizations of the Treadway Commission

Written by: Mr. Donovan Cheung – Senior Risk Consultant

The Committee of Sponsoring Organizations of the Treadway Commission (“COSO”) released the exposure draft of the updated Enterprise Risk Management (“ERM”) Framework for public comments in June 2016. The comment period is closed on 30 September 2016. The ERM Framework draft would help to make ERM more effective. It recognizes the awareness and oversight of risk management of the boards and executives. It also suggests improving risk information to support strategic decision-making. In this newsletter, we are going to highlight the important changes to the ERM Framework.

The ERM Framework draft is proposed to be reconstructed into 5 components and 23 principles. Each component is explained by several core principles, which are modeled according to the Internal Control – Integrated Framework adopted by COSO in 2013. Apart from the reconstruction of the framework, the major changes are as follows:

Relate risk with strategy
The framework draft explores ERM and strategy not only from risk to strategy, but also from two other dimensions which are the possibilities of strategy not aligning with the corporate values and the implications from the strategy. All three dimensions are required to be considered during the selection of strategies, instead of managing the risks afterwards.


Align risk with performance
To make the ERM more accessible to the management, the framework draft changes risk tolerance to acceptable variation in performance which refers to the boundaries of acceptable outcomes relating to achieving business objectives and trying to make the risk concrete to decision makers. Risk profile is introduced, in which risk, performance, risk appetite and risk capacity are incorporated, to provide a comprehensive view of risks and raise awareness of risks when making decisions.

Address the importance of culture
Culture determines the behaviors of the organization and reflects the values and attitudes of the organization towards risks. The framework draft addresses the importance of culture and explores the relationship between culture and risk governance. It also considers several principles in the framework to promote the risk governance and culture as the strong foundation for effective ERM.

Integrate with internal control
The framework draft recognizes the importance of internal control as it is crucial to have an effective internal control for successful enterprise risk management and performance. Neither internal control nor ERM alone can facilitate better strategic results and optimize the performance of an organization. The framework draft also encourages the readers to refer to the Internal Control – Integrated Framework 2013 for a more comprehensive view of internal control.


The project team for the ERM Framework draft is analyzing all the comments from the public and would revise the framework accordingly. The revised ERM Framework is expected to be available to the market in 2017 after the COSO board approves the final framework.

The Revised COSO ERM Framework Exposure Draft, issued by COSO on June 15, 2016


If there are any aspects which we may assist, please do not hesitate to contact:

Managing Partner - Mr. Roy Lo
roy.lo@shinewing.hk (Tel. 3583 8048) or

Senior Risk Manager - Ms. Gloria So
gloria.so@shinewing.hk (Tel. 3583 8517)


SHINEWING Risk Services Limited

Contact Us

SHINEWING Risk Services Limited
43/F., Lee Garden One, 33 Hysan Avenue Causeway Bay, Hong Kong,

T. (852) 3583 8000

F. (852) 3583 8532

W. www.shinewing.hk

E. risk@shinewing.hk


product image


SHINEWING Risk Services Limited is an industry leader with many years of experience in risk management and internal control review services in China and Hong Kong. SHINEWING has maintained its leadership position in the market over the years.

Headquartered in Beijing and with branch offices in Hong Kong, Singapore, Japan, Australia, Pakistan, Egypt, Shenzhen, Chengdu, Shanghai, Xi’an, Tianjin, Qingdao, Changsha, Changchun, Yinchuan, Jinan, Dalian, Kunming, Guangzhou, Fuzhou, Nanjing, Urumqi, Wuhan, Hangzhou, Taiyuan, Chongqing, Nanning and Hefei. SHINEWING is ideally positioned to provide services for our valued clients.


Copyright © 2016 SHINEWING Risk Services Limited. All rights reserved.

This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited.


Home | Open in browser | Unsubscribe