Hi all here,
There are so many standards on risk management, like ISO 31000, COSO and some others. First I would like to know:
1. Why are there various standards on a single subject? It lacks uniformity and transparency. Should it be uniform and practised globally in a uniform way, similar to IFRS for accounting transactions?
2. How is ISO 31000 different from the COSO standard in regard to risk management?
We had extensive discussions before... but here is a quick input!
ISO 31000 - Published by ISO TC 262, the Committee in charge of Risk Management standardization at the International Standard Organizations (ISO), a public international initiative of 163 countries
COSO ERM - Published by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), an initiative of five US-based accounting and auditing associations: AICPA, AAA, FEI, IMA, and IIA.
ISO 31000 - Public
COSO ERM - Joint private initiative of the five sponsoring organizations
ISO 31000 - International
COSO ERM - Based in the United States, but two of the organizations are international (IMA and IIA)
ISO 31000 - Created in 2009
COSO ERM - Created in 2004
ISO 31000 - Written by hundreds of experts in multiple sectors (industry, health & safety, quality management, accounting, internal audit, etc.)
COSO ERM - Written by experts in accounting, internal audit, and financial management
ISO 31000 - Main contributors: Multiple expert volunteers from 60+ countries
COSO ERM - Main contributors: PricewaterhouseCoopers (PwC), one of the "Big Four" accountancy firms. Board oversight included representatives from the sponsoring organizations, academics, consultants, and risk management practitioners
ISO 31000 - Built on international consensus on reviewing 20 years’ experience in risk management standardization of multiple countries
COSO ERM - Built as an expansion of and incorporating the COSO internal control framework
ISO 31000 - Integrates compliance as part of the external context
COSO ERM - Compliance is one of several risk areas: strategic, operations, reporting, and compliance
ISO 31000 - Global application: Objectives, context, structure, operations, processes, functions, projects, products, services, or assets
COSO ERM - Global application
ISO 31000 - Applied to any industry or sector
COSO ERM - Applied to any industry or sector with emphasis on finance
ISO 31000 - Can be used by public, private or community enterprise, association, group or individual.
COSO ERM - Can be used by organisations - public, private or community enterprise, association.
ISO 31000 - Applied to any type of risk, whatever its nature, whether having positive or negative consequences.
COSO ERM - Applied to any type of risk, whatever its nature, with negative or positive consequences. While the framework recognizes the potential positive effect of uncertainty (which it refers to as opportunity), it focuses primarily on potential negative effects.
ISO 31000 - Mainly based on 20 years’ experience of the Australian/New-Zealand Standard AS/NZS4360
COSO ERM - Based on no previous standards in risk management
ISO 31000 - Commented on and reviewed before publication by thousands of risk practitioners, worldwide
COSO ERM - Public comment period before publication
ISO 31000 - Adopted by more than 40 countries as their national risk management standard
COSO ERM - Recognized by some organizations globally as a risk management framework
ISO 31000 - Translated into 23 languages
COSO ERM - Translated into 16 languages
ISO 31000 - Cost: US$ 135 (ANSI website – 30th December 2012)
COSO ERM - Cost for non-members: US$ 75 (COSO website – 30th December 2012)