CIS 558 RANK Great Stories/cis558rank.com
The following material may be useful for the completion of this
assignment. You may refer to the documents titled “Embracing
Enterprise Risk Management: Practical Approaches for Getting
Started” and “Developing Key Risk Indicators to Strengthen
Enterprise Risk Management”, located at
http://www.coso.org/-ERM.htm.
Imagine you are an Information Technology Manager employed by
a business that needs you to develop a plan for an effective
Enterprise Risk Management (ERM) program. In the past, ERM
has not been a priority for the organization. Failed corporate
security audits, data breaches, and recent news stories have
convinced the Board of Directors that they must address these
weaknesses. As a result, the CEO has tasked you to create a brief
overview of ERM and provide recommendations for establishing an
effective ERM program that will be used as a basis to address this
area moving forward.
Write a three to four (3-4) page paper in which you:
1. Summarize the COSO Risk Management Framework and
COSO’s ERM process.
2. Recommend to management the approach that they need to take
to implement an effective ERM program. Include the issues and
organizational impact they might encounter if they do not
implement an effective ERM program.
3. Analyze the methods for establishing key risk indicators (KRIs).