Abstract

This paper discusses how a company can successfully implement Enterprise Risk Management based on COSO guidelines. This paper discusses a step-by-step process of the implementation plan at Dell Inc, the responsibilities of the workforce and management, the risk mitigation approach and how to monitor the activities successfully.

Enterprise Risk Management

In the wake of all the financial scandals, a variety of laws and regulations have been passed which make the board of directors solely responsible for the financial results of their company. The Sarbanes-Oxley Act of 2002 was one of them, but this covers only a part of the total risks that a company faces. A much wider range like strategic, operational and hazardous risks …
The company can prioritize risks according to their importance. Those risks that can threaten the shareholder value can be assigned a higher rating. At present, the main risk facing Dell Computers is the risk of revenue loss due to increase in competition. Dell was a market leader in their industry. But the competitors have improved their sales and marketing techniques. They also offer competitive pricing. Another risk the company recently faced was the risk of non-compliance with the Sarbanes-Oxley Act of 2002. Due to SEC allegations, Dell Inc conducted an internal investigation of their accounting practices. The investigation identified several accounting errors and showed evidence of misconduct. Dell falsely reported some of the earnings to make the company more attractive to investors. It was also clear that the internal control of the company was weak and needed some attention. Due to this issue, the company had to reinstate some of their financial statements from prior years. So the main goal of this program should be to identify the most important risks that can threaten the shareholder investments and take appropriate actions before they get out of control. Risks can be integrated using a Risk Map, which shows the risk on the basis of frequency and severity (casact, 2003). By prioritizing risks according to their frequency and severity, the company can concentrate on the most important risks and take steps
In order to ensure effective regulation, the Sarbanes-Oxley legislation contains eleven sections that describe responsibilities of corporate boards (Engel, Hayes, & Wang, 2007). In case these responsibilities are not performed, criminal penalties are applied. The need for stricter financial governance laws created a global trend, and such countries as Canada, Germany, France, Australia, Israel, Turkey and others also enacted the same type of regulations (Damianides, 2005). Today, the Sarbanes-Oxley legislation continues to play a fundamental role in the process of protecting the rights of investors and supporting a high level of investment attractiveness of the United States and companies that operate in the country. That is why this particular legislation can be considered as extremely beneficial for the national economy as well as investors.
In the end, all the risks are finance related, because the liabilities cost money and this will have an effect on the company’s earnings. So what is important is not only to try to avoid such events but also to be prepared in case they happen and to have a plan. It is like the saying “Hope for the best but be prepared for the worst”.
Prior to the advent of the Sarbanes-Oxley Act of 2002, referred to herein as “SOX,” the board of directors’ pivotal role was to advise senior leaders on the organization’s strategy, business model, and succession planning (Larcker, 2011, p. 3). Additionally, the board had the responsibility for risk management identification and risk mitigation oversight, determining executive benefits, and approval of significant acquisitions (Larcker, 2011, p. 3). Furthermore, for many public organizations, audit committees existed before SOX and provided oversight of internal processes and controls. Melissa Maleske (2012) advised that the roles and responsibilities of the board were viewed “…from a perspective that the board serves management” (p. 2). In contrast, Maleske (2012) noted that SOX regulations altered the landscape “…to a perspective that management is working for the board” (p. 2). SOX expanded not only the duties of the board and the audit committee, but also the authority of these bodies (Maleske, 2012, p. 2).
The former president and chief executive officer of the online auction site eBay stated, “A business leader has to keep their organization focused on the mission. That sounds easy, but it can be tremendously challenging in today's competitive and ever-changing business environment. A leader also has to motivate potential partners to join” (Whitman, n.d.). These wise words from a wise and highly successful business leader speak soundly in relation to motivating employees and sustaining a competitive business advantage. Along with a competitive advantage arises the need to assess the firm’s internal risk. Departmental strengths and weaknesses,
Sarbanes-Oxley is an Act that was enacted in 2002. The enactment was undertaken by the United States Congress, thus making it a federal law. In addition, this Act, which was supported by Michael Oxley and Paul Sarbanes, represents a gigantic change to government securities law (Franzel, 2014). The motivation behind the enactment was to ensure that there was a legal framework that could help deal with the increased number of major corporate and accounting scandals that had been witnessed in the United States. Various sections of this bill are concerned with the roles and responsibilities that have to be played by the board of directors.
Background: In its most basic sense, risk management identifies, allows assessment of, and prioritizes risks that are associated with and central to an individual project or organization. Risk management allows the organization to be proactive in preventing or mitigating risks, for improving certain processes within the organization, and with the hope of preventing fiscal exposure. However, in almost every organization there are risks: individuals are unique and do not always perform at a high level of safety; mechanical or design failures exist; construction projects have supply or labor issues; there are uncertainties in computer or data modification, natural disasters of course, and even deliberate attacks from competitors. Because this is such a common occurrence, national and even international standards have been developed in conjunction with the insurance and regulatory institutions to at least provide basic guidelines to minimize risk (International Organization for Standardization, 2009).
“… The era of low standards and false profits is over; no boardroom in America is above or beyond the law.” (Bumiller) By way of landslide votes in both the U.S. House of Representatives and the U.S. Senate, in July of 2002, the Sarbanes-Oxley (SOX) act was approved. To understand the cause and effect of this landmark legislation, the SOX act warrants exploration of the events leading to its creation, the details of the act itself, and the impacts on responsibilities to both firms’ management teams and their auditors. While the implementation of Sarbanes-Oxley has been positive for investors, company managers and auditors, specifically, are bearing the burden of complying with SOX through significantly greater responsibilities.
This research paper endeavors to expose how the Sarbanes-Oxley Act of 2002 might have led to the accountability of holding corporate executives for their actions in the past and also in the future. The paper will examine and explore the genesis of the Sarbanes-Oxley Act as well as give details on the act’s relationship to the ethics of the institution and the persons who work and manage the institution. The paper also proceeds to discuss different corporations around the globe that have been endorsed with the Sarbanes-Oxley Act and their subsequent benefits and demerits as opined by different individuals. The paper shall prove to be a relevant tool for any administrator managing a public company. Anyone going through this
- Co-ordinating the regular formal updating of Business Unit and corporate Risk Registers and Risk Treatment Action Plans and compiling a master set;
Corporate governance explains the official rule and regulative parameters for controlling and overseeing the entity (Cascarino, 2012, pg. 131). Responsibilities following the audit committee include keeping up to date safe guards and flow of communication with the auditors (Dogas, C., 2015). Corporate governance clearly explains the “rules, processes, and laws under which entities are operated, regulated, and controlled and includes such the board of directors and the audit” (Cascarino, 2012, pg. 131). After the effects were felt of the first large fraudulent crime of Enron and WorldCom, “the United States enacted the Sarbanes-Oxley Act (SOX) with the plan to widen the duties of auditors, management, audit committees, and boards of directors” (Cascarino, 2012, pg.
Despite the decline in the use of quantitative risk analysis, it is still important to note that risks still exist and risk management has a valuable function for companies. The question that company officials should pose is, “how can a company make its risk management function become more effectual and
Reforms have been created to close the gap of corporate governance and financial reporting in order to prevent the reoccurrence of corporate scandals. Congress created a federal bill named the Sarbanes-Oxley (SOX) Act in July 2002 in response to the Enron and WorldCom scandals that introduced major changes to the regulation of corporate governance and financial practice in order to protect the interest of investors and the public (“Sarbanes-Oxley Act Summary and Introduction,” 2003). The Act is extensive in corporate governance, which is a comprehensive theory concerned with the alignment of management and shareholders' interests. The sections of the bill cover responsibilities of a public corporation’s board of directors, add criminal penalties for certain misconduct, and require the SEC to create regulations to define how public corporations are to comply with the law (Slater, 2002). The SEC has issued more than twenty rules implementing provisions of the Act pertaining to corporate governance, financial reporting, and audit functions. The SEC has worked with NYSE and NASDAQ to harmonize the new Corporate Governance Rules. Throughout the rest of this paper, the more detailed listing requirements of the NYSE and NASDAQ will be discussed. Since the reforms are extensive, these were selected for the discussion: the increased role of independent directors, independent audit committee, independent directors on the nominating/corporate governance committee, the
Enterprise Risk Management (ERM). With a second observation, ERM offered several rational alternatives to the CMT, which also could assist the organization/segment in achieving its Critical Success Factor (CSF), since Palmer’s concrete seemingly displayed a weak Balance Score Card (BSC) in normal operation analyzed within the company SWOT. ERM could offer an opportunity for the success of the company. According to Blocher et al. (2013), “ERM is a framework and process that organizations use to manage the risks that could negatively or positively affect the company’s competitiveness and success” (p. 14). However, ERM lists several hazards, according to Blocher et al. (2013): “the operational risk related to customers, products, or employees; and other strategic risk related to top management decisions about the firm’s strategy and implementation thereof” (p. 14).
While it lessens the burden on organizations, reducing and shifting the cost and risk of its IT operation, security and management issues to an external service provider or vendor, outsourcing any portions of an organization's Information System has significant risks that can sometimes become detrimental to the outsourced organization. According to the Commission on Government Outsourcing, "when outsourcing an organization exposes itself to significant risks in terms of security, accuracy, and completeness of information" (Holroyd City Council, 2008). Comprised in the rest of this document is an
Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives. (COSO, 2004) This definition, provided by Committee of Sponsoring Organizations of the Treadway Commission (COSO), captures key concepts fundamental to how companies and other organizations manage risk, providing a basis for