The Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued the Integrated Internal Control Framework to help businesses and other entities to assess and improve their internal control systems. Since then, this framework has been incorporated in the policies, rules and regulations, and it has been used by thousands of businesses to better control their processes and progress toward achieving their objectives.
The most critical challenges for administrations include determining the risk that the entity is prepared for and accepts. So, in 2004, enterprise risk management (ERM) was incorporated in the Integrated Internal Control Framework, in which there is a relationship between the OBJECTIVES that the organization aims to achieve, the COMPONENTS of risk management, and the LEVELS of the organization.
COSO ERM in a business allows it to: