Gerry Zack on a New Tool for Applying the COSO ERM Framework to Compliance [Podcast]


Post By: Adam Turteltaub

There has been much discussion over the years about the relationship between enterprise risk management (ERM) and compliance risk management. Making the discussions more complex has been a tendency to approach risk management from very different perspectives. Risk managers have long looked to the COSO ERM Framework, while compliance teams have turned to the Federal Sentencing Guidelines and other documents. Adding to the complexity are language issues. “Risk appetite” is a common term for risk managers and one that is oft-misunderstood and provokes great concern among compliance professionals.

To help bridge the gap  the Society of Corporate Compliance and Ethics & Health Care Compliance Association, working under the auspices of COSO (the Committee of Sponsoring Organizations of the Treadway Commission) developed a new publication, entitled Compliance Risk Management: Applying the COSO ERM Framework. As SCCE & HCCA CEO Gerry Zack explains in this podcast, this new guidance is designed to help apply the COSO ERM framework to the management of compliance risks  and better align it with the framework used by compliance and ethics professionals in the design of effective compliance and ethics programs.

There are numerous benefits from better integration between compliance and enterprise risk management, Gerry reports. For one, it can start breaking down the silos that often lead to inefficiencies and confusion.

For risk management professionals it brings greater understanding of the complexities and nuances of compliance, including the fact that not all matters of compliance risk can be easily quantified.

For compliance professionals, it enables them to better speak in the language of risk professionals and management in general. It also creates an opportunity to move compliance from being perceived as a cost center to being recognized as a protector and creator of value for the organization, a concept that is central to the COSO ERM framework.

Listen in to learn more about this valuable new tool for compliance teams and its many uses, including as a self-assessment tool.