The COSO ERM framework: a critique from systems theory of management control Online publication date: Tue, 02-Oct-2007
by Dermot Williamson
International Journal of Risk Assessment and Management (IJRAM), Vol. 7, No. 8, 2007
Abstract: COSO's (2004) framework on Enterprise Risk Management (ERM) makes a valuable contribution to the emerging practice of ERM, but suffers serious limitations. It fails to provide a workable standard for identifying ERM effectiveness. Its definition of 'risk' diverts attention from opportunities and from uncertainties that fall outside its closed rational systems perspective. By taking a command and control approach, it ignores shared management of uncertainties with external parties and social implications of ERM. As a result, threats will be created if this framework is widely followed, which seems likely as ERM is institutionalised within regulations, professional practice and expected norms of good management.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Risk Assessment and Management (IJRAM):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook