Skip Ribbon Commands
Skip to main content

The IIA COSO Resource Exchange 

Creating and Protecting Value

COSO Releases New ERM Guidance: Creating and Protecting Value

Over the past few decades, enterprise risk management (ERM) has received increased attention from boards and executives, and it continues to evolve in its development and uses. To further inform organizations on its benefits, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) is releasing new guidance, “Creating and Protecting Value: Understanding and Implementing Enterprise Risk Management,” offering succinct, tangible steps to implement an effective ERM program.

Access the free download.

New COSO Guidance Addresses How Companies Can Use ERM Framework to Assess Cyber Risks

Even as companies become more digital savvy, they continue to confront new and emerging data risks that pressure financial and reputational vulnerabilities. To help address these challenges, the Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with Deloitte Risk & Financial Advisory, is releasing new guidance, “Managing Cyber Risk in a Digital Age.” Written to boards of directors, audit committee members, executive management, and cyber practitioners, the new guidance addresses how companies can apply COSO’s Enterprise Risk Management–Integrating with Strategy and Performance (ERM Framework), one of the most widely recognized and applied risk management frameworks in the world, to protect against cyberattacks.

Access the free download.

COSO Managing Cyber Risk

COSO ERM Certificate Program

COSO Issues Guidance for Healthcare Providers

Amid heightened scrutiny and ever-increasing complexities in operations and regulation, healthcare organizations face unique challenges related to the design and operation of internal controls. In response, COSO, in collaboration with Crowe LLP and CommonSpirit Health, has published new guidance: “2013 COSO Integrated Framework: An Implementation Guide for the Healthcare Provider Industry.

Access the free download.

COSO Announces Guidance Addressing Environmental, Social and Governance-related Risks

COSO and the World Business Council for Sustainable Development (WBCSD) released today the final version of “Guidance for Applying Enterprise Risk Management (ERM) to Environmental, Social and Governance (ESG)-related Risks.” This guidance, which aligns with COSO’s widely accepted Enterprise Risk Management — Integrating with Strategy and Performance, is intended to bring ESG risks and opportunities into a clearer focus for mainstream business and other organizations around the world.

Access the free download.

COSO Announces Guidance Addressing Environmental, Social and Governance-related Risks

In Any Kind of Weather

In Any Kind of Weather

One year after COSO issued its updated ERM framework, many internal audit functions are working to apply the new framework to help their organizations weather risks that are on the horizon. Paul Sobel reflects on how, through its assurance and advice, internal audit can help the organization apply the framework’s principles.

Read more.

“How to” COSO ERM Framework Book Empowers Practitioners

With the updated COSO ERM Framework considering expansive changes in the risk landscape since the original framework published in 2004, ERM expert Paul Sobel wrote Managing Risk in Uncertain Times, providing actionable steps to leverage the updated framework to add immediate value to risk management reporting.

Learn more.

New COSO ERM Framework in Action! Managing Risk in Uncertain Times

COSO ERM Certificate Program

COSO ERM Certificate Program

The complexity of enterprise risk has changed; new risks and responsibilities have emerged. Earning the COSO ERM Certificate helps you navigate the unknown. Learn the concepts and principles of the newly updated ERM Framework from the experts and prepare to integrate that framework into your organization’s strategy. The ERM Framework helps management understand their duties for managing risk and drive business performance.

Register today.

COSO ERM: Getting Risk Management Right

COSO’s recent framework update, Enterprise Risk Management–Integrating with Strategy and Performance, highlights the importance of ERM in strategic planning and stresses embedding risk management processes throughout the organization.

Read more in Internal Auditor magazine.

COSO ERM: Getting Risk Management Right

IIA Resources

​Member Savings

As a sponsoring organization of COSO. IIA members receive exclusive access to tools/resources and member-only pricing on books.

Training and Events


Currently Available

Articles and Thought Leadership


​COSO Framework Resources

About COSO

The IIA is a member of the Committee of Sponsoring Organizations of the Treadway Commission (COSO), a joint initiative of five private sector professional associations collaborating to provide thought leadership, frameworks, and guidance on enterprise risk management, internal control, and fraud deterrence.

About the COSO Resource Exchange

The IIA COSO Resource Exchange provides the most comprehensive and up-to-date list of resources, tools, and training to support implementation of the COSO frameworks. The frameworks are the most widely recognized guidance on what constitutes effective internal control and enterprise risk management, which is vital for the success of any organization. It is broad-based and can be applied by organizations, businesses, governmental agencies, and not-for-profit enterprises of all sizes.