weaknesses. As a result, the CEO has tasked you to create a brief overview of ERM and provide
recommendations for establishing an effective ERM program that will be used as a basis to
address this area moving forward.
Write a three to four (3-4) page paper in which you:
1. Summarize the COSO Risk Management Framework and COSO’s ERM process.
2. Recommend to management the approach that they need to take to implement an effective
ERM program. Include the issues and organizational impact they might encounter if they do not
implement an effective ERM program.
3. Analyze the methods for establishing key risk indicators (KRIs).
4. Suggest the approach that the organization needs to take in order to link the KRIs with the
organization’s strategic initiatives.
5. Use at least three (3) quality resources in this assignment (in addition to and that support the
documents from the COSO Website referenced in this assignment). Note: Wikipedia and similar
Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
• Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all
sides; citations and references must follow APA or school-specific format. Check with your
professor for any additional instructions.
• Include a cover page containing the title of the assignment, the student’s name, the
professor’s name, the course title, and the date. The cover page and the reference page are not
included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
• Describe the COSO enterprise risk management framework.
• Describe the process of performing effective information technology audits and general
controls.
• Use technology and information resources to research issues in information technology audit
and control.