monitoring risk

How to Effectively Monitor Risk & Controls: Testing vs. Metrics

In today’s organizations, risk managers are tasked with the responsibility of effectively monitoring risk.  They need to know what to monitor and how to determine if mitigation activities are effectively preventing risks from materializing. Traditionally, organizations monitor activities through Control Testing, but this provides little more than a false sense of security for organizations. A…

COSO ERM framework update

A Quick Guide to COSO Internal Controls 2013 Changes

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its COSO Internal Control – Integrated Framework document all the way back in 1992 to assist publicly traded organizations adhere to the Sarbanes-Oxley Act (SOX) Section 404. COSO considers internal controls to be an integral part of enterprise risk management (as does LogicManager), and as…

internal audit planning

Supply Chain Risk Management

A survey conducted by APQC found that in the past two years, 75% of companies were hit by at least one major unexpected disruption to their supply chain, defined as an incident with the capability of preventing a business from fulfilling promises to its customers. And what’s more worrisome? Many of the organizations surveyed are proposed advocates…