Quantitative COSO Risk Management defines a quantitative approach to risk assessment and internal control validation to that allows management to assess, measure, and score compliance and risk mitigation activities. The use of a quantitative approach offers several advantages: The risks and controls can be modeled to predict the specific level of residual risk in the circumstances, The prediction model can be validated by back-solving or comparison to current observations, The prediction model can be used for “what if” scenarios to select key controls, optimize costs and benefits, and consider alternatives for improved design, The logic behind the assessment is documented in the model for review, Quantitative measures can help settle debates arising from differing assessments.
Book Details:
- Author: Harry Cendrowski
- ISBN: 9780470460658
- Year Published: 2010
- Pages: 335
- BISAC: BUS003000, BUSINESS & ECONOMICS/Auditing
About the Book and Topic:
Quantitative COSO Risk Management defines a quantitative approach to risk assessment and internal control validation to that allows management to assess, measure, and score compliance and risk mitigation activities. The use of a quantitative approach offers several advantages: The risks and controls can be modeled to predict the specific level of residual risk in the circumstances, The prediction model can be validated by back-solving or comparison to current observations, The prediction model can be used for “what if” scenarios to select key controls, optimize costs and benefits, and consider alternatives for improved design, The logic behind the assessment is documented in the model for review, Quantitative measures can help settle debates arising from differing assessments.
Risk assessment and control validation are hot topics with regulators, shareholders, senior management, and external advisors. Traditionally, risk assessment is viewed as an imprecise art, the relative success of which cannot be measured or quantified. The methods revealed in this book allow an objective and verifiable assessment of the internal control structures within the organization, and the development of quantified, measurable scores of the effectiveness of those critical activities.
Includes verifiable risk assessment results Covers development of scores for risk assessment and control effectiveness Includes measurable predictions for risk occurrence Improved senior management oversight of control structures through quantified scores Increased risk assessment results with reduced cost of assessment Responds to SEC prescription of a “qualitative and quantitative framework” Fully compatible with COSO, but guidance for application of principles Links IT infrastructure controls to business applications
About the Author
William C. Mair is a former “Big-8” partner, former Chief Auditing Officer, former Chief Accounting Officer, former Board Member of a registered investment company, and currently a financial systems consultant. He has studied internal control from all angles. He has written extensively and has contributed to many professional journals. He is best known as lead author of Computer Control & Audit, a revolutionary book in the 1970’s and 80’s. Harry Cendrowski, a frequent speaker on forensic accounting and litigation, is author of two Wiley titles, Private Equity and The Handbook of Fraud Deterrence. He teaches NACVA (National Association of Certified Valuation Analysts) training programs and has written many journal articles. He is President of Cendrowski Corporate Advisors that produces two newsletters on fraud: The Fraud Files and Corporate Governance Edition.