Skip Ribbon Commands
Skip to main content

The IIA COSO Resource Exchange 

ERM Framework

COSO Issues Important Update to ERM Framework

COSO has released its highly anticipated ERM Framework: Enterprise Risk Management–Integrating with Strategy and Performance. This new document builds on its predecessor, Enterprise Risk Management–Integrated Framework, one of the most widely recognized and applied risk management frameworks in the world.

Access the executive summary.

New Book: COSO’s Updated Framework Tackles Tomorrow’s ERM

The new Framework stresses the importance of incorporating ERM into strategic planning and embedding it throughout the entire organization. The Framework’s five easy-to-understand components are designed to help organizations prosper as they continue to face a future full of volatility, complexity, and ambiguity.

Available from the IIA Bookstore.

New Book: COSO's Updated Framework Tackles Tomorrow's ERM

Management’s Guide to Sarbanes-Oxley Section 404

​Updated Edition of Management’s Guide to Sarbanes-Oxley, Section 404, 4th edition

The IIA Bookstore recently released a 4th edition of Norman Marks’ book, Management’s Guide to Sarbanes-Oxley Section 404. Award-winning author Marks has included new material from the SEC, PCAOB, and The IIA to ensure that CEOs and CFOs charged with signing off on required internal control-related reports are well prepared to do so, and understand the consequences of running afoul of the guidelines.

Visit the IIA Bookstore to learn more about additional features of the updated edition.

Enterprise Risk Management: A Driver for Organizational Success

ERM is not a process, a tool, a department, or a list of risks – it is how an organization makes better business decisions. Shaped by COSO’s new ERM Framework and updates to ISO 31000, The IIA has refreshed its popular ERM course giving you new tools to apply the concepts of risk management organization-wide.

Check out the dates of the in-person and online options now.

Enterprise Risk Management: A Driver for Organizational Success
Members-only Webinar

Members-only Webinar Playback: Getting ERM Right: Leveraging the New COSO ERM Framework

Hear from The IIA’s two Advisory Council representatives to the COSO ERM update project on the key principles for doing ERM right, best practices and common failures of ERM, internal audit’s role in ERM, and how internal auditors can improve their risk-based auditing using concepts from the updated COSO framework.

Members have access to the Aug. 15 webinar playback.

IIA Resources

​Member Savings

As a sponsoring organization of COSO. IIA members receive exclusive access to tools/resources and member-only pricing on books.

Training and Events


Currently Available

Coming Soon

  • Assessing and Managing Strategic Risks: What, Why, How for Internal Auditors
  • Managing Risk in Uncertain Times: Leveraging COSO’s New ERM Framework
  • Practical Enterprise Risk Management: Getting to the Truth

Articles and Thought Leadership

​COSO Framework Resources

About COSO

The IIA is a member of the Committee of Sponsoring Organizations of the Treadway Commission (COSO), a joint initiative of five private sector professional associations collaborating to provide thought leadership, frameworks, and guidance on enterprise risk management, internal control, and fraud deterrence.

About the COSO Resource Exchange

The IIA COSO Resource Exchange provides the most comprehensive and up-to-date list of resources, tools, and training to support implementation of the COSO frameworks. The frameworks are the most widely recognized guidance on what constitutes effective internal control and enterprise risk management, which is vital for the success of any organization. It is broad-based and can be applied by organizations, businesses, governmental agencies, and not-for-profit enterprises of all sizes.