Risk Management

Risk management is unique to each entity; in fact, it can be unique within different areas of an entity. Overall, however, basic common components must be present. The Norman Group offers expertise to address risk management needs throughout an organization. While needs may often be focused within a line of business due to the nature of an engagement, there is significant benefit in using a consulting firm that can consider the client's immediate specific needs while enabling consideration of cross-organization risk management.

COSO’s Enterprise Risk Management (ERM) Integrated Framework

Entity objectives can be viewed in the context of four categories:
  • Strategic
  • Operations
  • Reporting
  • Compliance

ERM considers activities at all levels of the organization:
  • Enterprise-level
  • Division or subsidiary
  • Business unit processes

ERM Roles & Responsibilities:
  • Management
  • The Board of Directors
  • Risk Officers
  • Internal Auditors