Nama : Aizzatul Ismiyah

NBI : 1412000205
Matkul : Manajemen Resiko (S)

COSO METHODE
COSO (Committee of Sponsoring Organizations of the Treadway Commission) is a
framework for enterprise risk management (ERM) that was first published in 2004. It
provides a comprehensive approach to risk management that takes into account an
organization's internal environment, external environment, and risk appetite.
The COSO ERM framework consists of eight components:
1. Internal environment: The internal environment component of the COSO
ERM framework focuses on the culture, ethics, and governance of the
organization. This includes factors such as the organization's leadership,
management philosophy, and ethical values. An effective internal environment
can create a foundation for successful risk management.
2. Objective setting: The objective setting component involves establishing clear
and measurable objectives that align with the organization's mission and
strategic goals. This includes identifying key performance indicators (KPIs)
that can be used to monitor progress towards achieving these objectives.
3. Event identification: The event identification component involves identifying
events that may impact the organization's ability to achieve its objectives. This
includes both internal and external events, such as economic downturns,
natural disasters, or changes in legislation.
4. Risk assessment: The risk assessment component involves evaluating the
likelihood and impact of identified risks on the organization's objectives. This
includes considering the potential frequency and severity of the risks and the
organization's risk appetite.
5. Risk response: The risk response component involves developing and
implementing strategies to mitigate the identified risks. This includes
determining which risks should be avoided, accepted, or transferred, and
identifying appropriate control activities to manage the remaining risks.
6. Control activities: The control activities component involves implementing
control measures to ensure that the organization's objectives are achieved and
that the risk response strategies are effective. This includes developing policies
and procedures, assigning roles and responsibilities, and monitoring
performance.
7. Information and communication: The information and communication
component involves ensuring that relevant information is identified, captured,
and communicated to the appropriate parties. This includes establishing
reporting mechanisms and communication channels to ensure that relevant
information is shared in a timely and effective manner.
8. Monitoring: The monitoring component involves ongoing monitoring and
evaluation of the effectiveness of the risk management process. This includes
reviewing the results of risk assessments, evaluating the performance of
control activities, and making necessary adjustments to the risk management
framework.
 The COSO ERM framework provides a comprehensive approach to risk management
that can help organizations to identify and manage risks in a structured and effective manner.
By following this framework, organizations can reduce their exposure to risk and improve
their ability to achieve their objectives.
Point of COSO
The point of the COSO ERM framework is to provide a structured approach to risk
management that can help organizations to identify, assess, and manage risks in a systematic
and effective manner. By implementing the framework, organizations can:
1. Improve risk management processes: The COSO ERM framework provides a
comprehensive approach to risk management that can help organizations to
identify and manage risks in a more structured and effective manner. This can
help to improve the overall quality of risk management processes within the
organization.
2. Enhance decision-making: By having a clearer understanding of the risks
facing the organization, decision-makers can make more informed decisions
that take into account the potential impact of those risks.
3. Increase stakeholder confidence: An effective risk management framework
can increase stakeholder confidence in the organization's ability to manage
risks and achieve its objectives. This can include shareholders, customers,
employees, and other stakeholders.
4. Align risk management with strategic objectives: The COSO ERM framework
emphasizes the importance of aligning risk management activities with the
organization's strategic objectives. By doing so, organizations can ensure that
their risk management efforts are focused on achieving their overall goals.
The COSO ERM framework provides a comprehensive approach to risk management
that can help organizations to identify and manage risks in a structured and effective manner.
By implementing the framework, organizations can reduce their exposure to risk, improve
their decision-making processes, and increase stakeholder confidence.